Psychological defense as a factor of user's vulnerability in a socio-engineering attacks context

The prototype of the program complex, used for demonstration of basic possibility for estimation the protection of personnel of information system from socioengineering attacks on the base of generalized approach, focused on analysis of trees of attacks, is described. The representation of information system and its personnel in the specified program complex is based on hierarchy of information models, which consist of information model of the user, information model of the users group, information model of control area, information model of hardware and software complex, information model of critical information objects (system of documents), information model of information system itself and links between corresponding objects. The list of technologies, used during the development of this product, the reasons for using this technologies and brief substantiation of some technical solutions are worked out. The example of proceeding of program complex prototype during editing the information about socioengineering attack, as well as during the imitation of socioengineering attack on the recompensation type on the personnel of this system is considered.