Products created by Immunity Systems are a response to the constant threat of cyber attacks by sophisticated and advanced security bypass techniques used by cyber criminals. Our products focus on providing protection against hacker attacks and threats in cyberspace.

APT Defend concentrates on conducting simulated attacks, allowing for system customization to ensure an effective response. On the other hand, Phish Sentinel focuses on early detection of phishing attempts and providing warnings to clients. Both products offer comprehensive solutions in the field of cybersecurity, tailored to the specifics of the Polish market and the trends in internet threats.

APT Defend

Extensive opportunities to conduct simulated hacking attacks performed by cyber security experts, secure practice of the most common threats from criminals enabling systems to be adjusted to respond appropriately to an attack, access to extensive knowledge of cyber threats in a convenient e-learning format and at any time, flexible tool to customize simulations, training and security policies to meet individual company needs.  We show you exactly where the vulnerabilities are, so that you can increase the emphasis on protecting precisely those areas. APT Defend is a product created based on the knowledge and experience of Polish security specialists. Every country has its own characteristics to which criminals adapt. Our Platform is therefore adapted to the threats present on the Polish market. The system constantly monitors the situation in the network and adapts its capabilities to the changing trends.

For more information, please visit:

Phish Sentinel

Phish Sentinel is a solution to give our customers early warning of attempted attacks. It consists of 3 modules

  • Domain Monitor: Often in phishing attacks, the attacker buys domains that look similar to our client’s domains. The number of available combinations of such domains is in many cases very large. The solution verifies the registered domains.
  • Certificate Monitor: the module constantly monitors the list of certificates signed by trusted CAs. Its operation uses similar mechanisms as the domain monitor, however, the source of its information is the Certificate Transparency mechanism.
  • Scan Robot: once we detect a domain or link that can be used in attacks, it is monitored by our software in terms of content. If we detect mechanisms on it that allow phishing passwords or attempts to exploit browser bugs – we report it to our client, who, after blocking such a domain in its infrastructure, defeats the attack.
  • Fake Victim: a module that bases its operation on social networking accounts assigned to client companies and tools such as Microsoft Teams or Slack. Messages routed to these accounts also pass verification for attempted attacks.

All this is wrapped in a nice web console, where the client can view detected attempts and system activity. The tool also sends email and SMS notifications depending on the configuration.

Why Phish Sentinel? In addition to the mechanisms described above, we offer the possibility to conduct some scans from the client’s infrastructure. In our experience, professional attacks are served only for the victim’s address. In addition, the entire system is supervised by Cyber Security professionals, who also perform manual verification of the results. For more demanding clients, the solution can be installed onsite on the client’s site.