Your simulation is now over, and you are eager to check the results. ATTACK Simulator gives you several types of reports to help you discover the state of your organization when it comes to cyber-attacks. In this article, we will focus on .csv reports.


The .csv reports can be opened in Microsoft Excel. Upon opening, for a more comprehensive view of the data, the text needs to be split into columns. If you're having trouble, you can find out how to do it here.

Depending on the type of simulation you choose, you will have access to different types of reports. Most of them have certain terms in common that reflect user actions. We call these terms events. You can find below the most important ones:

 An event signaling that the email has left our servers and is on route to the recipient
delivered An event stating that the recipient has received the email. We can't tell if the email was sent to the Junk/Spam folder. 
opened An event reporting that the recipient opened the email.
An event reporting that the recipient clicked a link in the email.
affected An event reporting that the recipient took a dangerous action in the landing page associated to this email.

You can find a more detailed list of events here.

The User Data report

The User Data report gives you a glance at each user's stats in the selected simulation. It's helpful to find users who performed poorly in the past simulation quickly. You should look for high emails-clicked and emails-affected numbers. Also, this report shows you the amount of leaked data for each user.

The User Events report

The User Events report shows you detailed information about each user action recorded by our platform. Here you can see with what emails a specific user interacted. This report contains much more events than the ones presented in the article. Therefore it's possible to check whether a specific user typed a password or email address in our landing pages.

The Attack Stats report

The focus of the Attack Stats reports shifts from users to cyber attacks. This report contains an aggregated list of attacks that were sent to your users and the total stats for each of them. It's useful to find which types of cyber-attacks your organization to which your organization is most vulnerable. This report uses the short form of attack names. You can find below an explanation for each of them.

idtIdentity Theft
socSocial Engineering