Message platform for automated threat simulation, reporting, detection, and remediation
摘要
說明書
In some embodiments, multiple sets of headers can be used in a simulated phishing email for authentication. Some embodiments can include an encrypted data header and an encrypted key header. In addition to a data body (in some cases JSON content), the encrypted data header can have a random X-UUID name, which can be randomized for each scenario email that is generated. It can also contain information for software executing at an endpoint to ensure integrity of the emails received there. The data can be encrypted, using any appropriate technique, such as AES-128-CBC, and then Base64 encoded for transport. The encrypted key header can have a random X-UUID name, which also can be randomized for each scenario email generated. The key header can contain, for example, a 128-bit key and a 128-bit initialization vector for performing decryption, such an AES-128-CBC decryption of the data header. The key and the initialization vector can be encrypted using public key infrastructure, and the data base64 encoded for transport.
Example header field body content can include some or all of the content illustrated as scenario headers in
