Built to protect.
Designed to disrupt.

Nimble like a startup. Proven like a giant.

We’re the minds behind PhishTACO, a platform that lets organizations identify and educate employees susceptible to phishing attacks. PhishTACO is FedRAMP Moderate In Process—and that’s one of the highest federal security standards there is.

ZibaSec in the news

How ZibaSec Leverages GitHub's Advanced Security

GitHub, Inc

ZibaSec Joins APWG, Leveraging Global NGO's Unique Data Corpora for Research and Development

PR Newswire

Secure and compliant.
FedRAMP authorized.

PhishTACO is designed to ensure compliance with federal security regulations. Once we’re FedRAMP Moderate Authorized, that will mean we meet one of the highest standards in cloud computing cyber security.

What is FedRAMP?

The Federal Risk and Authorization Management Program (FedRAMP) assesses cloud service providers to ensure they are secure. Those who pass the assessment are then approved for use by government agencies.

What does FEDramp entail?

Getting authorized takes at least six months, and can take well over a year. It requires completing a training, developing a System Security Plan, undergoing a full security assessment, and, even after authorization, continuous monitoring.

Is PhishTACO government only?

No! PhishTACO works for all kinds of organizations, from SMBs to enterprises in the public and private sector. FedRAMP just adds an extra layer of security assurance.

Our hackers don’t steal your data.
They protect it.

PhishTACO

Scalable. Holistic. Honestly priced. We built PhishTACO to give organizations a better way to keep their data safe and secure.

—Design and send sophisticated emails in minutes

—Unparalleled reporting capabilities

—Easy-to-use interfaces and intuitive design

—One dashboard for all your divisions

take me to phishtaco

Security awareness training content

Educate your workforce about the latest phishing techniques so they can identify and flag emails, not fall for them.

—Open source content hosted on Github

—Free to everyone, not just our customers

—SCORM compliant

take me to github

The Department of Justice trusts us to keep them safe.
You can, too.

From the FBI to the ATF, PhishTACO helps keep every agency in the Department of Justice safe from phishers.

Office of the Attorney General

DEA

Interpol

U.S. Marshals Service

FBI

Bureau of Prisons

ATF

Civil Rights Division

National Institute of Justice

Be the first to know.

We’re hard at work on additional ways to secure your organization. Sign up for email updates and we’ll keep you posted on our latest product releases.

stay up to date

SMS phishing simulation platform
Coming Fall 2021

We will provide a very similar phishing simulation experience to our current email offering, but for text messages (SMS). A customer admin can configure a message with one or more links and schedule a time to send it to some or all of their employees. An example SMS might be: “Your Amazon package has been delayed, please reschedule delivery here: https://somebadurl.”

Phishing defense email plugins Free for personal use

We are working on the release of a phishing defense tool: an email plugin for Outlook and Google. It would be free for personal use. If you see an email you think is suspicious, or you just want to double-check, you’ll click on a button within your email that says, “Scan this email for phishing.” Our backend then checks it against our proprietary machine learning (AI) backend, which extracts over a dozen features and derives its conclusion from a sophisticated machine learning model built with a large data set of phishing emails and other known indicators, including images with brand impersonation. The more emails get reported, the more accurate everyone's defense becomes.

Click here to join the waiting list

Built to protect.Designed to disrupt.