How do I prepare for an internal phishing campaign with ConcealBrowse? How do I prepare for an internal phishing campaign with ConcealBrowse?

How do I prepare for an internal phishing campaign with ConcealBrowse?


I want to set up an internal phishing campaign for my organization while still using ConcealBrowse, how do I prepare for this to make it successful?



Conceal is always ready to help you prepare for a phishing campaign in your organization. We have some preliminary steps we suggest taking before going live.


  • Before launching your phishing campaign you will want to add the sites and domains you're using to an allow policy in the Conceal dashboard in order to stop Conceal from isolating the site.
  • You can do this by one or bulk upload via a .csv file. Below we will outline both methods as well as outlining single tenants and global policies for multiple tenants.
  • An asterisk(*) is a wildcard symbol that stands for any amount of letters or characters in your URL. You can use these in your URL to capture all subdomains. If your policy is not working as intended, please try this method, CIDR notation doesn't always work.
    • Example: The entry https://jukpmawry6/* will allow the site https://jukpmawry6/ and also any subdomains such as https://jukpmawry6/login/


Adding sites to an allow list (single tenant)

  1. Open your web browser and navigate to the Conceal Dashboard at - login if necessary.
  2. On the left-hand side go to the Policy section, or you can go to
    Screenshot 2023-08-23 at 10.59.35 AM.png
  3. Click the Add Website Policy button on the top right:
    Add new policy.png

Bulk Upload

  1. Select the Bulk Upload tab.
    Screenshot 2023-08-23 at 12.43.22 PM.png
  2. Click Download Sample File to see the expected format for uploading multiple sites to a policy. Below is a screenshot if the example. For this you will want to makes sure to type "allow" in the directive column. Save the file to upload.
    Screenshot 2023-08-23 at 1.19.57 PM.png
  3. Upload the saved file to the Conceal dashboard by dragging and dropping into the space, or you can click in the space to open up your file finder and select the file. Bulk - csv.png
  4. You should automatically see those policies appear as well as a notification.
    Screenshot 2023-08-23 at 1.27.03 PM.png

Video Reference:


Add One

  1. The window will default to the Add One tab upon opening. Type in the URL that you'd like to add to the allow policy. Remember to include asterisks to capture subdomains. Click Add Policy to save the changes.
    Screenshot 2023-08-23 at 12.42.15 PM.png

Policies for multiple tenants:

Please refer to the Global policy settings through ConcealBrowse article for how to set policies to enforce across multiple tenants.


Please refer to the Navigating the Policy section of the ConcealBrowse Dashboard for more on auditing changes in the Policy section. 


*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at by scrolling to the bottom and clicking Submit a request.