Stickley on Security —
Awareness, Phishing Simulation, Automated PEN Testing & Impersonation Defense

Stickley on Security (SoS) is a cybersecurity awareness, phishing-simulation and automated-penetration-testing operator delivering Powered Cybersecurity Training (automated employee education + monthly phishing simulation), vPenTest automated internal and external network penetration testing, Domain Assure impersonation-attack defense and lookalike-domain takedown, SoS Advisor security center, and supplementary executive policy review — fitting operating models whose threat posture is dominated by end-user negligence and lookalike-domain phishing, and whose security posture cannot rely on firewalls, encryption and endpoint controls alone to defend against social engineering.

Powered Cybersecurity Training is a fully automated awareness platform that releases a new SCORM-compliant cybersecurity course every quarter, runs randomized monthly phishing simulations across multiple unique domains so employees cannot easily recognize them as tests, automatically assigns a relevant remediation module to any employee who clicks, and emits monthly administrator reports — fitting operating models whose security posture demands real-world phishing simulations rather than generic templates, and whose internal IT cannot dedicate ongoing labor to running and reporting on awareness programs.

vPenTest is an automated network-penetration-testing platform that performs full internal and external penetration tests on demand, executing egress-filtering testing, authentication attacks against discovered credentials, privilege escalation and lateral movement, simulated malware upload to validate endpoint anti-malware controls, and data-exfiltration simulation — with per-activity log files so your monitoring and detection stack can be cross-referenced — fitting operating models whose compliance posture demands recurring penetration testing and whose security posture cannot wait weeks for a consultant-led engagement to be scheduled.

Domain Assure proactively searches for lookalike, typosquatting and similar domains containing your brand, monitors DNS, IP and SPF records on those domains so it can detect when a strategically aged domain pivots from harmless to malicious, captures daily snapshot images, and provides unlimited takedown service against impersonating domains — fitting operating models whose threat posture is materially exposed to spear-phishing built on aged lookalike domains designed to defeat email-reputation algorithms, and whose security posture cannot rely on inbound filtering alone.

SoS services are designed for rapid deployment — typically days rather than weeks — with high levels of automation across reporting, notices, course assignment and phishing dispatch, and the SoS Advisor security center placed on a customer site in minutes via a single line of code — fitting operating models whose internal IT and security teams cannot absorb a multi-month onboarding project, and whose stakeholders need awareness, simulation and impersonation defense in production quickly.

Your contract is with Stickley on Security. Fibi remains your independent advisor — escalating support cases, revisiting awareness, phishing-simulation, automated-penetration-testing and impersonation-defense scope at renewal, and re-comparing SoS against alternative cybersecurity-awareness, phishing-simulation and offensive-security providers at contract events. There is no advisory fee — Fibi is provider-funded.