HailBytes SAT: Complete Platform Tour
Every screen an admin will use, in the order you use them: sign-on, dashboard, campaigns, templates, landing pages, groups, sending profiles, user management, settings, and audit logs.
Prefer to read? The screen-by-screen tour follows below.
Secure Sign-On: SSO, SAML, OIDC, SCIM
Username/password with TOTP MFA is the baseline. Layer on OIDC SSO (Microsoft Entra ID, Google Workspace) or SAML 2.0 (Okta, OneLogin, JumpCloud, Auth0, or any standards-compliant IdP) for single sign-on. Add SCIM 2.0 provisioning to auto-create, update, and deactivate users straight from your identity directory, with no manual onboarding required.
Guided Dashboard
A setup progress checklist walks new admins through enabling MFA, creating a template, configuring a sending profile, and launching their first campaign, without leaving the dashboard.
Unlimited Campaigns
Launch active simulations and archive completed ones in a single view. No per-campaign fees, no per-user licensing, just run as many tests as your program needs.
AI-Driven Campaigns & 45+ Industry Templates
Ship realistic campaigns fast with 45+ industry-specific templates, QR lure coverage, cloned template support, and built-in MCP tooling for AI-assisted campaign generation. Import your own lures too, with HTML/plain-text editing, merge variables, and tracking pixels built in.
Full HTML Template Editor
Import an existing phishing lure in a single click, or craft custom HTML with Subject, Envelope Sender, and personalization variables like {{.FirstName}}. Tracking images are auto-injected.
Reusable Landing Pages
Build credential-capture portals once, then reuse them across simulations. Clone and edit with version history. Pages like “Benefits Portal” and “Corporate Login Portal” ship as reference templates.
Post-Click Training & Branded Certificates
Turn every click into a teachable moment. After a user submits the form, redirect them into an interactive training module (no third-party LMS required) and auto-issue a branded PDF certificate (employee name, training title, completion date) when they pass the quiz.
Segment by Group
Target by department, risk tier, or campaign cohort. CSV import for bulk onboarding, manual editing for precision, and unlimited groups for ongoing programs.
Any SMTP, IMAP Reply Monitoring, Built-in Warming Guide
AWS SES, SendGrid, Mailgun, Microsoft 365, or your own mail server. Point IMAP at a shared mailbox like phishing@company.com and HailBytes SAT tracks user-reported phish in real time, while forwarded reports stay available for analyst routing. Pre-built SMTP templates plus an email-warming guide help you land in inboxes, not spam folders.
Role-Based Access Control
Multi-user platform with Administrator, User, and Read-Only roles. API tokens and last-login timestamps give security teams the controls auditors expect.
Enterprise Settings
TOTP MFA, OIDC SSO, custom branding, AI assistance, certificate management, test data controls, privacy, and security tabs, all in one place. Configure once, run programs for years.
Audit Logs & SIEM Export
Every login, campaign launch, and export is logged with severity, user, category, and IP address. Export to JSON or CSV, or stream live events to your SIEM/SOAR via the REST API and webhooks.
