Insight Support & Resources

ico-excel@2x

Insight Excel User Template

Download our Microsoft Excel template to format your user lists

ico-import@2x

How to Import Users Into Insight​

Learn how to add your users using the Insight import tool​

Frequently Asked Questions

Contact Information

Whitelisting

Emails that come from our phishing campaigns may get blocked by your spam filters. To avoid this, please have your IT administrator whitelist the following domains so that the phishing emails sent can be delivered to target users throughout your organization.

mailsupportsystems.com
trackingsupportservices.com
payrollsupportadmin.com
emessageadmin.com
messageservicesadmin.com
efaxmessagesupport.com
helpdesksupportgroup.com
mailsupportsystem.com

The domains above are registered to:
162.218.211.6

Our main contact domain https://www.d2cybersecurity.com is registered to:
72.236.151.31

G Suite: Create and approved sender list: Click here for official G Suite Documentation

Microsoft office 365: Configure 3rd Party Phishing Simulations: Click here for official Microsoft documentation.
Please note: Microsoft does not recommend using transport rules for phishing simulations.

Phishing

Our phishing simulations closely resemble emails that you receive on a regular basis. They are created to look very similar to those sent by large, well-known corporations (i.e., Google, Amazon, Chase, etc.).

New email templates are carefully created and selected for each client and phishing period. Factors such as the time of year, client type (i.e., town vs. school), and location are all taken into consideration when we design our simulations.

All URLs within our phishing simulation emails link to D2’s own training domains. Upon clicking one of these links, the victim is sent to a landing page site that provides education on how they could have identified the simulated phishing attempt and how to avoid clicking on potentially malicious URLs in the future.

Phishing simulations normally run for one to two weeks, Monday through Friday. 

Users that receive our simulated phishing emails will not be negatively impacted in any way.

No. We can only use an email address provided by your organization.

You can add/remove users (one at a time or in bulk) by uploading a list through our online portal here.

To ensure that all users receive the simulated phishing emails, please confirm that there are no typos on your list before submitting.

Our phishing simulations are run four times a year, once per quarter.

D2 will always send you four test phishing simulations several days to a week in advance. The emails will be titled “D2 Cybersecurity Test”, and each will include a short message informing you of your upcoming campaign.

If you are still uncertain, please contact D2 for confirmation.

Follow your organization’s policies for reporting a phishing attack.

Do not click anything in the email message. 

Please contact D2 so that we may confirm the message’s legitimacy and help keep your school/municipality safe.

Vulnerability Assessment

No data will ever be downloaded or modified.

D2 will never install software on your systems during a vulnerability scan.

There may be rare instances where D2’s IP addresses will need to be whitelisted.

D2 will reach out to the technical POC if this becomes necessary.

Reach out to John Bomba to update your IP addresses.

John Bomba
Email: jbomba@d2cybersecurity.com  
Phone: 732-507-7341

Additional IP addresses can be added at any time.

Vulnerability scanning uses automated tools to detect vulnerabilities in your network. During this process, the vulnerabilities are only detected, not exploited to gain access/control.

Penetration testing is a manual process that involves exploiting vulnerabilities, emulating what a hacker might attempt in an effort to access and take control of your network.

Vulnerability scanning is usually completed in under an hour and is performed during off-hours to minimize the already small chance of it affecting your network.

We recommend that ALL IP addresses be tested. Including those which are thought to be unused.

One of our goals is to identify potentially forgotten internet connected devices that might compromise the security of your network.

The KYC form has a “Testing Window” section or you can email John Bomba to modify the time you initially indicated.

The KYC form has an “Exceptions” section. Reach out to John Bomba to update it, if needed.

Our advice is to scan every external IP address to detect any vulnerabilities. Leaving a critically important section of the network unscanned/tested might leave it vulnerable to a cyber-attack that could have otherwise been prevented.

D2 will NOT conduct a vulnerability scan on any interconnected systems.

D2 will NOT attempt to connect to any interconnected county, state, or federal systems.

Only the IP addresses listed on the KYC form will be included.

Your  report should be available the next business day after the scan is performed, usually the day after the KYC form is submitted.

No. Due to the sensitive nature of the information in the vulnerability reports they can only be access through the insight portal. https://insight.d2cybersecurity.com/

We strongly advise that you DO NOT share your Insight login credentials (or share credentials for any other systems that you might need to access).

If you would like to add more than two POCs, please either provide an additional copy of the KYC form that includes the additional users’ information or contact John Bomba.

Vulnerabilities are classified on a scale of Low, Medium, High, and Critical, based on their CVSS score.

In the event that we find a Critical vulnerability, D2 will notify the POCs within one business day.

This means that our scans did not detect any vulnerabilities at this time.

Please keep in mind that new vulnerabilities and exploits can be found daily, so you may see something appear on the next report.

If a vulnerability or exploit has been identified, D2 will include any known remediation steps within the report. We advise that you discuss these suggested solutions with your technology POCs.

External Penetration Testing

No data will ever be downloaded or modified.

In some situations, a screenshot of a system may be taken to provide “proof” that D2’s penetration tester was able to access a system that should have been off limits.

The goal of a penetration test is not to steal files/data from your network, but to demonstrate if it is possible.

In order to attempt certain exploits, D2 may need to run code on the target machine. If this occurs, the process will be fully documented and reversed on completion.

For example, if D2 found an exploit that would allow us to create a user on a system, we would do so, screenshot the results, and document the steps taken. Once this was accomplished, we would reverse the procedure and take another screenshot to prove that the user was removed. We follow this process in order to show that the exploit could be done without anything malicious actually occurring.

Reach out to John Bomba at D2 to update your IP addresses.

John Bomba
Email: jbomba@d2cybersecurity.com 
Phone: 732.507.7341

Additional IP addresses can be added at any time. Please keep in mind, however, that any IP addresses that are added after the annual penetration test has started will not be included until the next monthly vulnerability scans.

Vulnerability scanning uses automated tools to detect vulnerabilities in your network. During this process, the vulnerabilities are only detected, not exploited to gain access/control.

Penetration testing is a manual process that involves exploiting vulnerabilities, emulating what a hacker might attempt in an effort to access and take control of your network.

Penetration testing happens over the course of several days or weeks, depending on the size of the network. The process is intentionally slow, in order to avoid being noticed.

 

We recommend that ALL IP addresses be tested. Including those which are thought to be unused.

One of our goals is to identify potentially forgotten internet connected devices that might compromise the security of your network.

Reach out to John Bomba.

John Bomba
Email: jbomba@d2cybersecurity.com 
Phone: 732.507.7341

It is important to verify that it is D2 running a penetration test and not a potentially malicious actor in your network.

The KYC form has a “Testing Window” section or you can email John Bomba to modify the time you initially indicated.

The KYC form has an “Exceptions” section. Reach out to John Bomba to update it, if needed.

To avoid missing a potentially critical security vulnerability, we typically advise scanning all external IP addresses.

Our advice is to scan every external IP address to detect any vulnerabilities. Leaving a critically important section of the network unscanned/tested might leave it vulnerable to a cyber-attack that could have otherwise been prevented.

D2 will NOT scan or conduct a penetration test on any interconnected systems.

D2 will NOT attempt to connect to any interconnected county, state, or federal systems.

Only the IP addresses listed on the KYC form will be included.

Depending on the size of the network scanned, your report up to 3 weeks after the test is completed. D2 will notify the POCs when it is available.

No. Due to the sensitive nature of the information in the vulnerability and penetration testing reports, they can only be accessed through the insight portal. https://insight.d2cybersecurity.com/

We strongly advise that you DO NOT share your Insight login credentials (or share credentials for any other systems that you might need to access).

If you would like to add more than two POCs, please either provide an additional copy of the KYC form that includes the additional users’ information or contact John Bomba.

Vulnerabilities are classified on a scale of Low, Medium, High and Critical, based on their CVSS score.

In the event that we find a Critical vulnerability, D2 will notify the POCs within one business day

D2 will immediately reach out to the POC and notify them of the breach.

We will also provide a preliminary report on the steps taken to breach the network as soon as possible

A successful breach does not end the penetration test and a full report will be available after the test’s completion.

If a vulnerability or exploit has been identified, D2 will include any known remediation steps within the report. We advise that you discuss these suggested solutions with your technology POCs.

Can't find what your looking for?

Our support team is here to assist you with any questions. Complete the support form below and a member of our team will get back to you in a timely manner or give us a call at (732) 507-7300