In this report, Pavel presents Tinkoff’s in‑house system developed for checking the resilience of its employees to phishing attacks.

Does a company need anti‑phishing if it already has a SOC? What are the pros and cons of commercial solutions? What difficulties did Pavel and his team encounter in the development and implementation of the solution? What does the process of adding a new anti‑phishing template look like? What measures can be taken regarding the users who have been compromised?