Loading...
Publication
Framework de Gestão e Análise de Campanhas de Phishing em Ambientes Corporativos
| Name: | Description: | Size: | Format: | |
|---|---|---|---|---|
| Documento em Acesso Embargado até dia 13-10-2028. Tente solicitar cópia ao autor carregando no ficheiro | 8.01 MB | Adobe PDF |
Authors
Abstract(s)
Com a evolução tecnológica, a dependência de recursos digitais é uma realidade inegável para as empresas modernas. A capacidade de adotar e integrar efetivamente as tecnologias digitais tornou-se um fator crucial para a competitividade, eficiência e sobrevivência no mercado atual. Esta dependência digital, embora traga benefícios, também expõe as organizações a riscos significativos, como ciberataques, entre os quais as campanhas de phishing têm um papel de destaque devido ao sucesso em explorar vulnerabilidades humanas. A Art Resilia, onde este projeto de estágio foi desenvolvido, é uma empresa especializada em fornecer soluções de ciber-resiliência. A sua missão centra-se em ser uma parceira de confiança, reconhecida pelo seu conhecimento e inovação, ajudando as organizações a se prepararem, responderem e recuperarem eficazmente de um panorama de ciberameaças em constante evolução. Neste contexto, este projeto consistiu no planeamento, desenvolvimento e implementação de uma framework de gestão e análise de templates e campanhas de phishing. A ferramenta poderá ser utilizada principalmente pelos analistas da empresa, permitindo-lhes criar e gerir templates de phishing personalizados, configurar campanhas adaptadas a diferentes clientes e recolher informações detalhadas sobre os resultados obtidos. Os clientes, tal como os analistas, terão acesso a dashboards, onde poderão consultar os dados recolhidos pelas campanhas realizadas nos seus colaboradores. Estes painéis, não só possibilitam efetuar análises comparativas com as médias agregadas das restantes empresas incluídas no sistema, como também permitem visualizar dados relevantes da própria organização, nomeadamente indicadores de reincidência, níveis de risco e métricas de desempenho – tanto individuais como por departamentos ou cargos –, fornecendo, assim, uma perspetiva detalhada sobre o seu desempenho de segurança. Este projeto teve como propósito possibilitar a recolha estruturada e detalhada de informações sobre a eficácia de campanhas de sensibilização, facilitando a consciencialização dos colaboradores das empresas clientes. Desta forma, a framework visa otimizar o processo de gestão de campanhas de phishing, garantindo resultados mais mensuráveis e alinhados com as necessidades dos clientes corporativos, contribuindo para o reforço contínuo das estratégias de defesa dos colaboradores face a ameaças baseadas em técnicas de engenharia social.
With technological evolution, the dependence on digital resources has become an undeniable reality for modern companies. The ability to adopt and effectively integrate digital technologies has become a critical factor for competitiveness, efficiency, and survival in today’s market. While this digital dependence brings benefits, it also exposes organizations to significant risks, such as cyberattacks, among which phishing campaigns play a prominent role due to their success in exploiting human vulnerabilities. Art Resilia, where this internship project was carried out, is a company specialized in providing cyber-resilience solutions. Its mission is to be a trusted partner, recognized for its expertise and innovation, helping organizations prepare for, respond to, and recover effectively from an ever-evolving landscape of cyber threats. In this context, this project consisted of the planning, development, and implementation of a framework for managing and analyzing templates and phishing campaigns. The tool is intended primarily for the company’s analysts, enabling them to create and manage customized phishing templates, configure campaigns tailored to different clients, and collect detailed information on the results obtained. Clients, like the analysts, have access to dashboards where they can consult the data collected by the campaigns conducted with their employees. These dashboards not only enable comparative analyses against the aggregated averages of the other companies registered in the system, but also allow the visualization of relevant data for the organization itself—namely recurrence indicators, risk levels, and individual employee metrics—thus providing a detailed perspective on their security performance. The purpose of this project was to enable the structured and detailed collection of information on the effectiveness of awareness campaigns, thereby facilitating the awareness of client companies’ employees. In this way, the framework aims to optimize the process of managing phishing campaigns, ensuring more measurable results aligned with corporate clients’ needs and contributing to the continuous strengthening of employees’ defense strategies against threats based on social-engineering techniques.
With technological evolution, the dependence on digital resources has become an undeniable reality for modern companies. The ability to adopt and effectively integrate digital technologies has become a critical factor for competitiveness, efficiency, and survival in today’s market. While this digital dependence brings benefits, it also exposes organizations to significant risks, such as cyberattacks, among which phishing campaigns play a prominent role due to their success in exploiting human vulnerabilities. Art Resilia, where this internship project was carried out, is a company specialized in providing cyber-resilience solutions. Its mission is to be a trusted partner, recognized for its expertise and innovation, helping organizations prepare for, respond to, and recover effectively from an ever-evolving landscape of cyber threats. In this context, this project consisted of the planning, development, and implementation of a framework for managing and analyzing templates and phishing campaigns. The tool is intended primarily for the company’s analysts, enabling them to create and manage customized phishing templates, configure campaigns tailored to different clients, and collect detailed information on the results obtained. Clients, like the analysts, have access to dashboards where they can consult the data collected by the campaigns conducted with their employees. These dashboards not only enable comparative analyses against the aggregated averages of the other companies registered in the system, but also allow the visualization of relevant data for the organization itself—namely recurrence indicators, risk levels, and individual employee metrics—thus providing a detailed perspective on their security performance. The purpose of this project was to enable the structured and detailed collection of information on the effectiveness of awareness campaigns, thereby facilitating the awareness of client companies’ employees. In this way, the framework aims to optimize the process of managing phishing campaigns, ensuring more measurable results aligned with corporate clients’ needs and contributing to the continuous strengthening of employees’ defense strategies against threats based on social-engineering techniques.
Description
Keywords
Phishing Engenharia Social Malware Cibersegurança Ciber-Resiliência Campanhas De Phishing Gestão De Templates Framework Sensibilização Corporativa Django Pyhton Social Enginnering Cybersecurity Cyber Resilience Phishing Campaign