Türkiye's Homegrown Social Engineering Simulation Platform

Would Your Employees
Click
a Phishing Link?

Nesil.ai measures and closes human-driven security gaps with realistic simulations. E-mail, SMS, QR, vishing, USB drop — one homegrown platform, 500+ Turkish templates, live in 8 minutes.

📧 Phishing & Smishing 📞 Vishing & Pretexting 🔌 USB Drop 🎓 Automated Training 🔒 KVKK Uyumlu 📋 ISO 27001 Raporu
🔒 mail.kurum.com.tr/inbox
📥 Gelen Kutusu 3 yeni mesaj
IT
IT Support — [email protected]
⚠️ Your account will be suspended within 24 hours
Per security policy, renew your password immediately or your access will...
09:14
İK
HR Department
June payroll is out
You can view your pay slip on the HR portal...
08:30
UY
Compliance Team
KVKK training reminder — deadline this month
Don't forget to complete the mandatory awareness training...
Yesterday
FM
Finance Manager
Re: Q2 budget revision
I've reviewed the numbers, we need to talk...
Pzt
IT
IT Support Team
[email protected] — Suspicious domain
⚠️ Your account will be suspended within 24 hours
Dear User,

Our security system has detected an unauthorized sign-in attempt on your account. To protect your account, click the link below and verify your identity immediately gerekmektedir.
► Verify My Identity Now — portal.kurum-guvenlik.tk/verify
🎣
Phishing Tespit Edildi!
This was a Nesil.ai simulation.
In a real attack, your account would have been compromised.
✓ Tracked by Nesil.ai Employee training module auto-launched →
🇹🇷

Nesil.ai — 100% Homegrown Software

Designed, built, and hosted in Türkiye

🏛️ Homegrown Software 🔒 In-Country Data 📋 KVKK Uyumlu 🤝 Turkish-Language Support

Product Features

What Does Nesil.ai Do?

From launching simulations to automated training, behavioral analytics to ISO 27001 reporting — every layer of enterprise cyber awareness management on one platform.

📧

Multi-Channel Attack Simulation

Launch e-mail phishing, SMS smishing, voice vishing, QR code, and USB drop attacks from one platform. 500+ ready Turkish templates per channel, customizable content, and target list management.

🎯

Real-Time Click & Behavior Tracking

Who opened the e-mail, who clicked the link, who filled the form, who entered data — to the second. Instant visibility by department, seniority, location, and time zone.

🎓

Instant Training Trigger on Failure

The moment an employee falls for a simulated attack, the system steps in and delivers targeted Turkish awareness content automatically. Behavior change starts immediately — and measurably.

📊

ISO 27001 & KVKK Compliance Reporting

Reports are generated automatically as ISO 27001 Clause A.7.2.2 evidence, KVKK administrative measure documentation, and BTK audit format. Executive summary and technical report split for every audience.

SaaS — No Installation, Live in 8 Minutes

No server, agent, or software install. Sign in from the browser, upload your target list, launch the campaign. Active Directory, SSO, and SIEM integrations connect cleanly to enterprise infrastructure.

🇹🇷

500+ Turkish Scenarios & Local Context

Realistic templates imitating PTT, e-Devlet, local banks, courier firms, and popular Turkish platforms. Local language and cultural context quality foreign platforms can't match.

📧
500+
Ready Turkish attack templates
8 dk
Time to launch the first campaign
🎯
20+
Attack vectors and scenario types
📉
%5'e
Drop in failure rate after simulation
🇹🇷
%100
Local infrastructure — full KVKK compliance
🏛️
ISO
Automatic 27001 & KVKK audit reports

Platform Modules

Every Attack Vector Covered

Manage every dimension of social engineering from one platform — from phishing e-mails to USB drop hardware.

📧

Phishing Kampanya Motoru

Realistic phishing e-mails with your organization's brand, language, and scenarios. 500+ Turkish templates, drag-and-drop editor.

  • Spear phishing & hedefli kampanya
  • Domain & URL masking simulation
  • Real-time open / click / form tracking
  • A/B testing & campaign scheduler
  • Multilingual template support (TR / EN)
📱

SMS & QR Simulation

Smishing in the guise of PTT, banks, and e-Devlet; mobile and physical channel tests with in-office QR traps.

  • Turkish smishing campaigns
  • Operator / bank caller ID masking
  • Custom QR traps and landing pages
  • Mobile device & OS analytics
📞

Vishing & Pretexting

Phone-based social engineering in IT support, executive, and bank roles. Measure resistance to sensitive data disclosure.

  • Scenario-based call flow management
  • Caller ID spoofing simulation
  • IT / HR / finance pretexting roles
  • Call transcripts and success scoring
🔌

USB Drop & Physical Security

Test physical security maturity with giveaway USB drives and QR codes. Which department, which location is exposed?

  • USB insertion & autorun detection
  • Location & department breakdowns
  • Physical access vulnerability map
  • Endpoint security policy violation detection
📊

Behavioral Analytics & Reporting

Vulnerability maps across department, seniority, and location. Executive reports generated automatically.

  • Real-time campaign dashboard
  • Multi-dimensional breakdown analysis
  • KVKK & ISO 27001 compliance reports
  • Executive summary + technical report split
🎓

Automated Awareness Training

Employees who fall for a simulation instantly receive targeted Turkish training content. Behavior change is measured.

  • Training triggered at the moment of failure
  • Turkish micro-learning modules
  • Training completion & score tracking
  • Periodic maturity measurement

How It Works

The Simulation Cycle, Step by Step

A continuously improving methodology — from scoping to measuring behavior change.

1

Scope & Tehdit Profili

The organization's threat vectors and target departments are defined

2

Scenario Design

Industry-specific Turkish attack scenarios are prepared

3

Campaign Launch

Simulations reach targets on a planned schedule

4

Instant Training

Susceptible employees automatically receive awareness content

5

Analysis & Reporting

Findings and compliance reports go to management

6

Continuous Improvement

Periodic simulations raise security maturity

Industry Data

Why Test the Human Factor?

Global data shows technical security alone is not enough.

The Truth Behind Cyber Attacks

Firewalls can't stop the attack — but an aware employee can.

%91

of attacks start with a
phishing e-mail

%34

of untrained employees
open the e-mail

%5'e

drop in failure rate
after simulation

500+

Turkish attack
templates

Why Nesil.ai?

The Enterprise Advantages of a Homegrown Solution

Where foreign platforms fall short in Türkiye, we deliver with local infrastructure and an expert team.

1

Turkish & Local Context Quality

500+ realistic templates tailored to PTT, e-Devlet, and local banks. Local language quality foreign competitors can't match.

2

Fully KVKK-Compliant Local Infrastructure

All data is processed in Türkiye. Eliminate the cross-border transfer risk that comes with foreign SaaS.

3

First Simulation in 8 Minutes

No installation, no agent. Launch your campaign within 8 minutes of demo approval.

4

Audit-Ready Reporting

Automatic reports in ISO 27001 A.7.2.2, KVKK administrative measure, and BTK audit formats.

5

Pricing That Scales with Users

Transparent SaaS packages from SMEs to holdings. Scales as you grow — no hidden costs.

6

SLA-Backed Turkish Expert Support

Technical and advisory support in your time zone, in your language, under SLA.

Pricing

A SaaS Package for Every Scale

Transparent pricing that scales by user count. Extra discount on annual plans.

Starter

Starter

Core phishing simulation for SMEs and small teams.

Annual subscription

Request a Quote
  • E-mail phishing campaigns
  • 50 ready Turkish templates
  • Temel raporlama dashboard
  • Automated awareness training
  • E-mail support
Demo Talep Et
Most Popular

Profesyonel

Professional

Multi-channel simulation. For finance and mid-to-large organizations.

Annual subscription

Request a Quote
  • All Starter features
  • SMS, QR & vishing modules
  • 500+ templates & custom scenarios
  • Advanced behavioral analytics
  • KVKK & ISO 27001 raporu
  • Priority support under SLA
Demo Talep Et

Kurumsal

Enterprise

For government, large scale, and on-premise needs.

Contract-based

Let's Talk
  • All Professional features
  • USB drop hardware kit
  • On-premise / private cloud deployment
  • Active Directory & SSO entegrasyonu
  • Custom scenario & template development
  • Dedicated Customer Success
Get in Touch

Frequently Asked Questions

Merak Edilenler

Yes. Nesil.ai runs entirely on local infrastructure. All simulation data is processed and stored on servers in Türkiye, fully aligned with KVKK's cross-border transfer restrictions.
Yes. The platform automatically generates ISO 27001 Clause A.7.2.2 evidence, KVKK administrative measure documentation, and BTK audit-format reports. All simulation records are retained as an audit trail.
No. Nesil.ai is fully SaaS — no server installation or agent rollout. You can launch your first campaign within 8 minutes of demo approval.
No. The platform supports 20+ attack vectors including e-mail phishing, SMS smishing, QR codes, vishing (voice calls), USB drop, and social media spear phishing. All channels are managed from one platform with integrated reporting.
Simulations launch unannounced to mirror real attack conditions. We recommend a general debrief for employees once the campaign concludes.

Are Your Employees Ready for the Next Attack?

Let's design a simulation campaign for your organization as part of a free demo. No credit card — 14 days free, Turkish-language support included.