Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
LUCY Security is a human-risk management platform for organizations, focused on phishing attack simulations, security awareness training, risk assessment, and reporting analytics. According to its website, it has 10M+ trained users, 11,000+ deployments, 1,000+ customizable training modules, and support for 130+ languages. It is positioned not merely as a course platform, but as a closed-loop tool for “test—train—measure—improve.”
In terms of attack coverage, LUCY supports real-world phishing, spear phishing, smishing, file-based attacks, USB attacks, ransomware simulations, website cloning, and more. It is well suited for assessing employees’ ability to recognize risks across email, mobile devices, and removable media. On the training side, it offers interactive web-based courses, microlearning, certificate generation, an employee portal, personalized learning paths, and performance-based training.
Deployment flexibility is one of its notable strengths: it supports on-premises deployment, private cloud, SaaS, dedicated servers, and can also run on internal networks. It also mentions support for common platforms such as Unix and Windows. For management and alerting, the platform provides real-time dashboards, automated monthly reports, custom reports, user- and group-level insights, reminders, response detection, approval workflows, campaign checks, and an email reporting button. Its integration capabilities are fairly comprehensive, including LDAP, SMTP, REST, and Domain/DNS APIs, with support for integrations with Active Directory, Azure, SIEM, SCORM, and proprietary LMS systems.
The official website lists three tiers: CORE, PRO, and ELITE. CORE includes directory integration, customizable content, phishing attacks, a built-in mail server, real-time reporting, training, on-premises deployment options, and data anonymization. PRO adds domain registration, real-time incident notifications, file and SMS attacks, an email reporting button, SCORM, an end-user portal, and multi-tenancy. ELITE adds VIP support and expert services. Pricing requires contacting sales, with no public unit pricing available.
Its strengths include broad attack simulation coverage, flexible deployment options, strong privacy controls, scalability to 400,000+ users, and support for multiple languages and multi-tenancy. It is suitable for mid-to-large enterprises, highly regulated sectors such as finance and manufacturing, and security service providers delivering managed awareness training. Downsides include non-transparent pricing, no disclosed details on specific compliance certifications such as ISO 27001 or SOC 2, and the possibility that advanced attack simulations and multi-tenant capabilities may depend on higher-tier plans.
The available materials do not provide information on access from mainland China, RMB payments, or local service availability, so China accessibility is unknown. If cross-border access, email deliverability, or procurement compliance is a concern, alternatives to evaluate include KnowBe4, Proofpoint, Cofense, Hoxhunt, or China-based security awareness training and cyber range / attack-defense exercise services from vendors such as 奇安信, 安恒信息, and 绿盟科技.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on lucysecurity.com official site.
lucysecurity.com is an Switzerland Security provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach lucysecurity.com directly.