topic Looking for clarification on Threat Emulation Custom Password Configs in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/Looking-for-clarification-on-Threat-Emulation-Custom-Password/m-p/69542#M13325 <P>We are looking to create a custom password list using the SK below based on intel and active threats we've seen.&nbsp; What I'm having trouble understanding though is why we need to add phrases as well given that threat emulation already knows what inbound emails to look at based on the extensions you have defined.&nbsp; What value do we get out of this?</P><P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112821" target="_blank" rel="noopener">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112821</A></P> Fri, 06 Dec 2019 13:43:25 GMT Gregory_Link 2019-12-06T13:43:25Z Looking for clarification on Threat Emulation Custom Password Configs https://community.checkpoint.com/t5/Firewall-and-Security-Management/Looking-for-clarification-on-Threat-Emulation-Custom-Password/m-p/69542#M13325 <P>We are looking to create a custom password list using the SK below based on intel and active threats we've seen.&nbsp; What I'm having trouble understanding though is why we need to add phrases as well given that threat emulation already knows what inbound emails to look at based on the extensions you have defined.&nbsp; What value do we get out of this?</P><P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112821" target="_blank" rel="noopener">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112821</A></P> Fri, 06 Dec 2019 13:43:25 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Looking-for-clarification-on-Threat-Emulation-Custom-Password/m-p/69542#M13325 Gregory_Link 2019-12-06T13:43:25Z Re: Looking for clarification on Threat Emulation Custom Password Configs https://community.checkpoint.com/t5/Firewall-and-Security-Management/Looking-for-clarification-on-Threat-Emulation-Custom-Password/m-p/69557#M13326 The phrases are keywords that might indicate a password is encoded in the email for an end user to type in to decrypt the file. Fri, 06 Dec 2019 20:15:15 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Looking-for-clarification-on-Threat-Emulation-Custom-Password/m-p/69557#M13326 PhoneBoy 2019-12-06T20:15:15Z