The Q-LOG Computerized Awareness Training System educates your employees to prevent cyber-attacks such as phishing, malware, spyware, ransomware, along with social engineering manipulation prevention.

Q-LOG is a modular system that works across the platforms you use in the workplace, including desktop and mobile devices, all without any need for client-side software.

QLOG - logo

“Only amateurs attack machines; professionals target people”

 –Bruce Schneier, American Cryptographer

Celestya’s Q-LOG system is the complete, end-to-end solution for analyzing and documenting employee real-life behavior on the organization’s network, focusing on actions that are contrary to the organization’s policy. Q-LOG raises employee cyber-awareness by managing, planning and implementing annual and multi-year training programs, while measuring the effectiveness of the employee’s cyber-awareness. Actual behavior on the network is fully documented and augmented with theoretical training programs and practical simulation exercises. With Q-LOG, cyber-security and cyber-awareness are improved by effectively focusing on the desired changes in organizational behavior.

Q-LOG is a personalized and customizable solution that builds a specific user profile for each employee, based on their role, the cyber-awareness training already received, and their actual behavior on the network. The personalized user profile ensures that the employee receives the exact type of training they need, when they need it.

Celestya’s annual and multi-year programs are based on over a decade of experience, positioning Celestya and Q-LOG as the industry’s leading solution that incorporates a variety of specialized training aids and effectiveness indices derived from the organization’s specific needs and Celestya’s industry-leading methodologies.

Q-LOG can be installed on-premises or as a cloud SAAS, managed either by Celestya or by the organization. The on-premises installation fully synchronizes automatically with the active directory.

Celestya provides flexible pricing plans to fit the budget of any organization. Plans include module licensing, per-seat licensing, and annual, triennial or perpetual licensing. Extended service plans after the initial year are available.

Find out how to slash cyber-awareness training costs while dramatically improving network cyber-security


Human SIEM

The Human SIEM module of the Q-LOG system seamlessly integrates with the organization’s SIEM system and analyzes its data to derive the real-life network behavior of each individual user. This actual behavior of the user, coupled with their theoretical and practical tutorial scores and their organizational role automatically generate the individual user personal profile that is used to determine what further training is required, along with active access restrictions on the user when behavior contrary to the organization’s policies is detected. The key features of the Human SIEM module include:

  • Management of information security events at the user level based on actions taken by the user contrary to the organization’s policy
  • Personalized alerts to the users, automatically generated when behavior contrary to the organization is detected
  • Restrictions on user access are automatically generated, based on the user’s network behavior and their knowledge level

Q-LOG Theory Modules

Digital tutorials are provided continuously throughout the year using a variety of vehicles such as tutorials, multiple choice quizzes and messages. These provide the basis for measuring the user’s knowledge level and behavioral patterns, assisting in identifying areas of weakness and measuring improvement trends. They key tools include:

  • Flexible Tutorials
  • Fixed Tutorials
  • Messages
  • Questionnaires

Q-LOG Mock-Attack Modules

Q-LOG leads the cyber-awareness industry by providing the infrastructure for mock attacks conducted across critical vectors:

  • Email phishing
  • Smishing – phishing via SMS
  • Web phishing – phishing while web browsing
  • Wi-Fi phishing

All of these modules include statistics, graphics and reports for the organization’s status, with drill-downs to the department, employee, category, topic and campaign levels. Comparisons are provided for time-periods defined by the administrator. Built-in graphs are provided, and a wide variety of reports can be exported.

Celestya provides consulting, professional services and accompanying merchandise (such as newsletters, screen savers, banners) as part of an annual or multi-year plan for raising cyber-security awareness.

Q-LOG is the leading cyber-awareness platform and the only one providing effectiveness metrics. For more information, click here.

Summary of Q-LOG’s Key Modules:

Awareness Digital Training Tutorial

  • Management and distribution of interactive tutorials
  • Storyline tutorials and courses, compliant to the Scorm 1.2 standard. Supports a variety of content providers, languages and graphic designs
  • Common Customizations for all Tutorials (both fixed and flexible)
    • Management of automatic periodic distribution and selection of recipients
    • Special distributions for new users and for meeting regulatory compliance
    • Applicable for all common topics including:
      • Privacy protection
      • Passwords
      • Social media and networks
      • Physical security
      • Clean workspace
      • Email usage
      • Mobile device usage
      • Web browsing
        And many more
    • Variety of distribution triggers, including upon login, via email, via text messages and more

Awareness Training – Flexible Tutorials

  • Tutorial Generator
    Provides out-of-the-box tutorials that can be used as-is or edited. Possible customization modifications include:
    • Graphic design adapted to the organization’s branding
    • Text and information content, presented in the languages used by the organization/end user
    • Questions adapted to the organization’s policies
  • The Human SIEM module coupled with the tutorial modules are a unique and break-through solution that saves time and money in raising cyber-awareness
    • Personalized awareness content
      Each user receives tutorials when they need it and only on the necessary topics based on the user’s personal profile and their actual work-behavior on the network.
    • Policy Enforcement
      If a user does not complete their required tutorials in the allotted time period, various alerts and restrictions can be activated, including:
      • Alerts to the user’s manager
      • Permission restrictions to the user, including, if required, access restriction for a predetermined time period or until a relevant tutorial is completed with a passing score. After the tutorial is completed, any restrictions are automatically lifted.

Awareness Training – Questions & Messages

The QLOG system provides all of the tools for continuous awareness training throughout the year, including:

  • Content management
  • Distribution of content including:
    • Tutorial distribution
    • Messages
    • Reminders
    • Tips on cyber-awareness and information security

Mock-Attack Modules
Q-LOG’s practical layer includes a robust set of tools for raising cyber-awareness and promoting information security, including:

Well-known Industry research studies clearly identify email phishing as one of the leading and most destructive type of attacks. Because of the danger, most countries have imposed regulatory requirements on many Industries for implementing mock email phishing attack simulations to raise cyber-awareness, to gauge the organization’s risk level, and to measure weak areas and improvement trends.

98% of smishing text messages are read and 45% of smishing text messages are answered, compared to only 20% and 6% for phishing emails. This has led to a 17% rise in smishing attacks in 2020, according to Verizon Mobile Security Index 2020.

In 2020, 6.95 million new fraudulent imposter web pages were created (Bolster report). The APWG reported that in October 2020, 225,304 new imposter web sites were uncovered for that month alone, breaking all previous monthly records.

Not just email links: Imposter web sites can be reached through web browsing, social media links in addition to email links. This module trains the user to identify imposter sites reached while web browsing as opposed to reaching them only from clicking on an email link.

Phishing schemes via rogue or evil twin access points can be prevented using Q-LOG’s Wi-Fi phishing module. The sophistication of the attack can be customized to the company’s needs.