Dcoya People Centric Security

Today, a vast majority of cyber-attacks start with Spear-phishing emails, employ social engineering techniques and occasionally contain ransomware and other hostile content.

Preventing and detecting such kind of attacks in real time, is a major challenge for most of existing security solutions. Moreover, most of security officers are overloaded with always-rising number of intrusion attempts, breaches and other complex daily routine, which leaves almost no time to deal with the emerging number of social cyber-attacks.

This situation makes it easier for cyber-criminals to penetrate organizations and take control over sensitive assets.

Dcoya aims to turn your employees into your organization’s first line of defense and prevent and mitigate the essence of cyber-attacks in real time.

By delivering an innovative, fully automated solution, based on comprehensive trainings, reporting and education modules, guided by Dcoya’s phishing research team, your employees will turn to organic detection and prevention sensors that can mitigate any social cyber-attack in real time.

Dcoya can make the difference between compromising your most sensitive and valuable data and a successful prevention.

What We Do

We give your employees the knowledge to prevent phishing attacks.

The vast majority of these attacks start with a phishing email. Dcoya’s automated security awareness program trains your employees to identify and avoid phishing and ransomware attacks, breaking the attack chain before it can even start.


Send simulated phishing emails to assess current state of employee awareness.


Teach employees to identify phishing emails using proven automated methodology.


Empower employees to detect and report suspicious emails in real-time.


Instil best practices via continuous training and rewarding of positive behaviour.

The relentless surge of cyber-attacks is keeping CISOs up at night.

What is Dcoya?

Dcoya trains and empowers your employees by periodically sending them mock-up phishing simulations. By automatically analyzing the results and setting the next step in the phishing campaign, your employees will turn to an organic network of sensors, capable of alerting and detecting cyber-attacks in real time. Dcoya’s innovative solution provides critical visibility to your organization security awareness state and helps you with identifying and training your weakest links.

Dcoya’s proven positive-educational approach is the most reliable method of preventing mass-phishing, spear-phishing and ransomware attacks by introducing real life scenarios to your employees. The solution teaches them how to avoid becoming a cyber victim and most importantly share their experience and knowledge with their colleagues and organization’s security teams.

Dcoya is more than just an email simulator – based on our comprehensive methodology, phishing training campaigns automatically adjust themselves according to your organization’s culture, historical and ongoing results and observed employees’ behavior. Additionally, if you feel like getting off the automatic pilot, you can always use Dcoya’s advanced framework to craft your own simulations and create teachable content that is specifically tailored for your needs. Raise your employees’ awareness, train them and dramatically reduce the chance of being part of the cyber-crime statistics.

Why Dcoya


Dcoya focuses on the human element, substantially reducing your organization’s attack surface and vulnerability to phishing attacks.

The cloud is deployed automatically, at the scale and distribution of your choice.


Dcoya automatically creates individual training programs, adjusts simulated scenarios based on employee behavior and reports results upstairs.


Dcoya’s complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.


Dcoya’s complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

What makes Dcoya So Unique?

Automation and expert-guiding is critical for dealing with the lack of experience in the phishing-training domain.

Unlike other security training solutions, Dcoya’s ATM™– Automatic Training Module – innovates and eases the management of a training campaign by automatically sending phishing simulations to a single or a group of employees, analyzing the results and setting the next steps and targets in the campaign.

Dcoya ATM™ identifies the behaviors that are consistent and unique to individual employees, groups or departments and automatically assigns the most suitable and effective security awareness training program.

Training Interface

We at Dcoya believe that the key to effective security training program is visibility. Dcoya’s training interface uses the information collected by our platform to tell an easy-to-understand story of your employees’ behavior in time of a phishing attack. Dcoya’s interface employs data pivoting and trend reports and lets you take a closer look on each simulation results, reducing the time required for collecting and interpreting results gathered from multiple training campaigns.

Dcoya’s training interface helps you to understand the state of your employees’ awareness level at a glance and provides detailed training program context. By transforming your employees’ behavior data into simple and intuitive visualizations and focusing on specific individual’s behavior, your organization’s durability to cyber-attacks can be improved dramatically.

The training management interface captures employee, group and department behavior throughout the training campaign lifecycle and allows to generate both detailed and executive summary reports: A. Detailed, hands-on report – contains detailed information for maintaining and improving your organization’s awareness training program; B. Summarized, executive report – contains trends and analysis of how employees’ behavior is responding to the phishing training program and suggestions of how a potential damage can be lowered even more.

Dcoya Advantive™

Early detection is key to preventing phishing and spear-phishing attacks. Moreover, since existing phishing prevention technologies cannot stop sophisticated cyber-attacks, early detection becomes fundamental aspect of any organization’s security strategy. The earlier a cyber-attack began prior to detection, the higher its damage potential, resulting in far greater investigation and restoration costs.

Dcoya Advantive™ assists organizations with reducing the chance of becoming a victim to phishing and spear phishing attacks and improves the early warnings rate by offering an additional layer of a real-time attack detection and response capabilities. The result is a platform that reduces time spent on gathering information to detect the next cyber-attack.

Dcoya on premise solution allows you to receive early knowledge of phishing outbreak in your organization and enables your security teams to detect, understand and respond to analyzed, prioritized and relevant phishing warnings.

By deploying Dcoya Advantive™ in your environment we offer you an immediate detection of true phishing attempts, which leads to dramatic reduction in the time required to remediate an attack. The solution employs advanced algorithms that automatically categorize both individual and company-wide email activity. By cutting through thousands of emails and distinguishing between legitimate, non-hostile phishing emails and real spear phishing attacks, security teams benefit from most effective method of quickly highlighting malicious phishing attacks.

Dcoya Lightbeam is based on an easily installed, non-invasive email client plugin. It empowers employees to share their knowledge and highlights any suspicious emails by clicking a button in their email client.

Managed Services

We know that your to-do list is ever growing. Organizations these days are under constant threat of cyberattacks and the situation is only getting worse with the rise of spear-phishing and ransomware attacks. You know that you must train your employees and raise their awareness but you just don’t have time. Less burning tasks such as educating your employees usually get lower precedence and that is exactly what the attackers are looking for.

Our team of phishing researchers constantly update the library of simulation templates that mimic malicious activities, tactics and procedures that hackers use while executing their social engineering attacks. This ever growing library, frees you from spending precious time on crafting simulations and configuring the product.

Dcoya’s managed service allows you to benefit from team of analysts with years of cyber-expertise in phishing, that will match the simulations with your organization-specific needs and the current trends in real world phishing.

Our specialists will diligently work with you to design and facilitate a specific phishing training program that will match your organization’s goals. As part of the annual training program, an assessment of employees’ baseline level of awareness and behavior will be established. Then, a specific training program will be built and continuously updated based on the results of the ongoing periodic phishing assessments. This process is crucial to ensure you gain highest effect on your employees’ behavior and meet the change you are seeking from the phishing awareness program.

About Dcoya

Phishing and spear-phishing attacks are taking a toll on organizations, through data breaches, social engineering and targeted malware. Cyber-criminals are able to acquire the information required to access organization assets with ease. At the same time, a new generation of attacks including ransomware and social phishing, are making cyber-attacks more difficult to detect.

Organizations these days are under constant threat from cyber-attacks and the situation is only getting worse with the rise of spear-phishing and ransomware attacks. By employing automation and machine learning, you specify the target and the timeline, and Dcoya will automatically tailor and continuously adjust the security awareness training program that best fits and covers all aspects relevant for your organization. That is why our solution is more efficient than other traditional security awareness products.

We at Dcoya believe that employees’ cyber-security knowledge and awareness must be a foundational aspect of any organization’s security strategy. Our innovative platform empowers employees to take a proactive participation in organization-wide cyber-security effort. As active participants in Dcoya’s awareness program, employees will be able to spot phishing attacks and report them to the organization cyber incident response team in order to halt attackers’ hack-chain and nullify it. The company was founded in 2014 by cyber-security experts, with years of proven experience in the ethical hacking and social cyber-security fields. Dcoya is currently deployed in leading financial institutes, government, municipalities, critical infrastructure and companies.