cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3230
Views
0
Helpful
3
Replies

DUO Push Notifications Phishing Exercise

micah4
Level 1
Level 1

Can anyone provide any guidance regarding the ability to perform 2FA Push notification Phishing Exercises to train users on approving random Push notification requests? Can this kind of exercise be achieved via an API or within the DUO admin console directly? Does anyone perform this or similar efforts to improve their security posture and what metrics can be pulled to show testing trends?

3 Replies 3

bullerjonathan
Level 1
Level 1

I know that you can send a Push to a user’s mobile device from the user page at the top right, by clicking “Send Duo Push”, although this will display on their device as a “Support request.” You will have to wait on that page to see if the individual user accepts or denies. There is a API endpoint for sending support pushes, I assume you could develop a script to do this en masse.

les.brewer
Level 1
Level 1