Proofpoint Security Awareness TrainingFormerly Wombat Security
Overview
What is Proofpoint Security Awareness Training?
Proofpoint Security Awareness Training (formerly ThreatSim from Wombat Security) is a cloud-based training platform that simulates threat scenarios (e.g. phishing) and also provides assessment testing developed by Wombat Technologies, which was acquired by Proofpoint in March 2018.
Totally satisfied with PSAT
Proofpoint Security Awareness Training review
Fantastic product for corporate security awareness and cybersecurity controls
Would not recommend
A Great Security Awareness Training Platform
Proofpoint security awareness is perfect for companies looking for clear-cut metrics
Great Security Awareness option....especially if you're on a tight budget
Proofpoint Security Training
We are happy with PSAT and would buy it again.
Happy with Proofpoint!
Proofpoint Security Review
Employees are the first line of defense!
A fantastic opportunity to learn
The Proof is in the Pudding
Build a "Culture of Security" for under $25K!
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Pricing
What is Proofpoint Security Awareness Training?
Proofpoint Security Awareness Training (formerly ThreatSim from Wombat Security) is a cloud-based training platform that simulates threat scenarios (e.g. phishing) and also provides assessment testing developed by Wombat Technologies, which was acquired by Proofpoint in March 2018.
Entry-level set up fee?
- Setup fee optional
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
88 people also want pricing
Alternatives Pricing
What is KnowBe4 Security Awareness Training?
KnowBe4 is a security awareness training and simulated phishing platform used by more than 65,000 organizations around the globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO…
What is Curricula?
Curricula, headquartered in Atlanta, helps organizations of all sizes to fix their cyber security awareness training programs by using storytelling. It is designed so that employees enjoy fun episodes that take them on adventures to learn how to actively defend themselves in real-world scenarios.…
Product Details
- About
- Competitors
- Tech Details
- Downloadables
- FAQs
What is Proofpoint Security Awareness Training?
- Phishing and USB Simulations
- Knowledge Assessments
- Video, Interactive, and Game-based Training
- Security Awareness and Program Materials
- Email Reporting and Analysis Tools
- Available in 40+ languages
- CISO Dashboard and Real-time Reporting
Proofpoint Security Awareness Training Features
- Supported: Phishing Simulations
- Supported: Knowledge Assessments
- Supported: Video, Interactive, and Game-based Training
- Supported: Security Awareness Materials
- Supported: CISO Dashboard and Real-time Reporting
- Supported: PhishAlarm® Email Reporting Button
- Supported: PhishAlarm® Analyzer Email Analysis Tool
- Supported: Closed-Loop Email Analysis and Response (CLEAR)
- Supported: USB Simulations
Proofpoint Security Awareness Training Competitors
Proofpoint Security Awareness Training Technical Details
Deployment Types | Software as a Service (SaaS), Cloud, or Web-Based |
---|---|
Operating Systems | Unspecified |
Mobile Application | No |
Supported Countries | All |
Supported Languages | Arabic, Burmese, Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, English (American), English (Australian), English (British), Finnish, French (Canadian), French (European), German, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, Khmer, Korean, Malay, Norwegian, Polish, Portuguese (Brazilian), Romanian, Russian, Spanish (European), Spanish (Latin), Swedish, Thai, Turkish, Ukranian, Vietnamese |
Proofpoint Security Awareness Training Downloadables
Frequently Asked Questions
Comparisons
Compare with
Reviews and Ratings
(65)Community Insights
- Recommendations
The user reviews provide several valuable recommendations for using Proofpoint or similar software for training in cybersecurity. One recommendation is to take the time to set up good, functional phishing campaigns to effectively improve security posture. Another suggestion is to thoroughly compare other platforms to find better functionality at a similar price point. Lastly, it is recommended to request a trial of the product to assess its suitability for specific requirements and explore all available options before making a purchase decision.
Attribute Ratings
Reviews
(1-25 of 38)Totally satisfied with PSAT
Most of the environments are allowed to use it, due to its easy way to run. In our experience, We didn't find any problem at any size of company so far.
- Reliability
- Large coverage of phishing samples
- Reports and summaries
- Prices are still above of the market average
Our experience has shown that the maturity level is directly related to how users face the threats.
Proofpoint Security Awareness Training review
- Short, quick, easy training videos
- Phish alarm reporting capabilities are excellent
- Reporting makes it easy to report metrics on education
- Integrating reporting from other modules would be helpful
- Awareness training for our users
- Phishing simulation exercises
- Easy administration
- Adding more phishing simulation exercises
- PhishAlarm needs improvement
- TRAP needs to have a Cloud option, instead of on premise
Would not recommend
- Offers managed service
- Provides average click rate for some templates
- Auto-enrollment not supported for clicks on data entry and attachment campaigns
- Does not translate any custom templates or emails
- Training courses are not available in all languages despite being advertised so
- Cannot send language specific emails to users
- Cannot assign language specific training courses to users
- LMS cannot prevent duplicate assignment of trainings
- Auto-enrollment functionality is very limited
- Users need to be in separate campaigns to receive separate courses
A Great Security Awareness Training Platform
- Variety of Phishing Simulation Templates
- Active Directory Synchronization Options
- Detailed Reporting Options
- Ability to Remove False Positives from Simulation Results
- Additional Abilities to Customize Training Modules
- The modules are easy to follow and relatively quick to complete.
- The ability to integrate (read) data from our Active Directory really helps to import user lists into the program.
- Good variety of domains to select from for URLs inside of simulated Phishing emails.
- The lowest tier of Education modules is somewhat sparse. More modules are available if you select a higher one.
- The initial setup can be a bit time-consuming to get the user lists to configure/imported (based on OU).
- The initial setup can be a bit time-consuming to get the user lists to configure/imported (based on OU).
Proofpoint Security Training
- Their CyberStrength training modules are up to date and are very relevant in today's cybersecurity world. This definitely helps us keep our users up to date with all of today's threats.
- Their support team is great. I get a reply within an hour when I need help with something which gives me confidence in deploying training to the whole company.
- Their phishing tests are also always up to date. This allows us to really test our users to see if they are paying attention to the training we send out.
- Managing users is a little tricky, I hope in the next end user sync update, it automatically pulls new active users into the platform without having to run a script to start the sync process. It also needs the ability to remove users from the platform or mark the users as inactive when a user is offboarded from AD.
We are happy with PSAT and would buy it again.
- The report phish Outlook add-in button has had a positive influence on our users. We have many users regularly reporting suspect phish emails.
- The templates for the phish campaigns are very up to date, using real life recent phishing attacks. This makes our phishing campaigns much more realistic.
- The training modules from PSAT are very effective and useful with our LMS system.
- The Azure Active Directory syncing has shown some weaknesses during upgrades to their system, requiring PSAT product support.
- The Report Phish add-in button does not work in Outlook on shared mailboxes and O365 group mailboxes. Our shared mailboxes rank highest on our VAP list.
- We would like to see login integration with the rest of the Proofpoint portals.
Happy with Proofpoint!
- The Administrator interface was easy to use. It's important for users to be able to create training fast, efficiently and professionally.
- The content was timely and relevant. Our employees really enjoyed the training!
- The reporting function was easy to use.
- At the time that I used the system, there wasn't an easy way to create sequential learning. It appeared more complicated than I expected.
- To add users to a campaign you had to push the due date out. If only someone could figure out how to solve this!
A fantastic opportunity to learn
- It easy to use.
- It has very interesting content.
- Fantastic support.
- Language - Not all translations are formally correct.
- Normally new contents are available only in English. After 40 days, other languages are available.
- In Italy, we don't have the possibility of using SMiShing simulation.
The "in-depth" approach is present only for the email. Could be interesting use the same approach also for the other security domains.
The Proof is in the Pudding
- Great communication from Proofpoint support
- Unbeatable reporting tools
- Great pre-baked tests and training which help keep the users focused and interested
- There are so many reports and statistics that sometimes it can be difficult to find the exact metric you're looking for
Build a "Culture of Security" for under $25K!
- Short Training Modules (10-15 minutes to complete)
- Mobile Responsive (can be completed from any internet connected device)
- Interactive (not just a video, to "complete" you need to pass the tests within the module - showing that you're paying attention and understood the material)
- ThreatSim Testing (to validate the effectiveness of your program)
- Reporting Tools (provide leadership & executive of performance within each department - don't underestimate the benefits of healthy competition within your organization)
- Not ALL Modules are 100% "Mobile Responsive" yet (although they claim to be working on it)
- Module Updates are not as frequent as hoped (although once a year seems to be about the norm)
- The ThreatSim "Smishing" tool (simulated phishing of your users via SMS) is not available in Canada
Allows for a greater number of topics to be covered and for creating a "culture" of security awareness among all Staff throughout the entire company. NOT a replacement for IT Security Certifications amongst your technical staff (CISSPs & GSLCs on staff are a must have). Your Proofpoint Account Rep does most of the heavy lifting, but the program still requires "care and feeding" (resources) within your organization - preparing monthly user lists for training assignments and preparing reports for leadership on participation & progress
Proof point's to the solution of employee security awareness training
- Interesting Modules
- Ability to sync local AD to the security awareness portal
- Phishing Campaigns
- Customer success managers need to play a more active role in the roll out of their products. Technical support is extremely helpful but having more knowledgeable and active CSMs would help a lot, especially for smaller companies that may not have the IT staff to assign security training to
- Scheduled reports for active training assignments used to work really well and now are not generating anything in the reports. This has been sent to support but it's been with them for quite a while now with no success in fixing the issue. Our managers look forward to these weekly reports that I now have to generate by hand and email out
- More training modules developed per month would be greatly appreciated. There are not many left for us to train on. We could reuse some but we'd rather have up to date modules for real world threats
9 Months with Proofpoint
- The training itself. The trainings are setup to be quick yet thorough. Users can finish them quick without feeling bogged down by information and yet given strong takeaways. Other industries could learn from their format.
- Tools. The tools to manage the accounts, email templates, schedules, etc are well thought out. My first impression was it would add a lot of work to manage the platform, I was completely wrong about that.
- Support. Although their online management and help interfaces are generally all you need, the amount of support I have been offered has been tremendous. They are always there to help out.
- Email templates. The email templates can be glitchy- ie not showing the correct replacement parameters or vice versa not delivering what was shown.
- User management. The ability to review what individual groups or users have completed would be nice.
- Recommended path/scheduling. Although materials are provided, it would be better to have the training modules already laid out by completed and/or a recommended path. As it is, reviewing what was completed already is a bit messy.
Proofpoint Security Awareness is a MUST HAVE for your Organization
We have been phishing different departments across the company to get an initial "click" rate. The week after the initial "phish" we then send the department through a training module. The third week they are "phished" again. This process has continued until the whole company has gone through this first phase. Going forward our plan is to add a Proofpoint Module to our New Hire orientation, and we plan to do Quarterly Campaigns across the organization on different security topics.
- Proofpoint has a huge library of phishing emails to choose from. They add new examples every week.
- The training modules are fun and interactive and keep the user engaged.
- The posters, and downloadable materials are amazing and really give a great visual to support your security campaigns.
- The product is easy to use, and Proofpoint Support Staff are always available to help with any issues you have.
- After a training module is completed you will have people who have not done the assignment. I would like to see a way to auto enroll or add them to a new assignment, from the one the did not complete.
- Mostly my issues are around the people who do not finish a training and how to make the process easier for the administrator since I am doing three of these a week it is hard to keep up with the people who do not finish or even start.
Proofpoint Threatsim
- We like the ability to bulk import our user lists
- The preconfigured phish emails are convincing to the untrained eye
- The educational messages that come with the tool are very useful.
- We had some issues with getting accurate metrics, but support eventually helped us work it out.
Effective but not adapted to all business contexts
It permit to sensitize about risks linked to business activities : working remotely, surfing in an unsecured way, don't be careful with personal data etc. Moreover the product permit to adress the topics related to phishing attacks, through modules, training sessions and phishing campaigns
- Turnkey solution
- Adaptable and polyvalent content
- User support
- Easy handling of the platform
- Images (for posters, wallpapers) not really catchy
- Visuals with too many information on it (text, explanations etc.)
- E-learnings mainly in English, and with no audio track
Their database of content related to cybersecurity and content adaptability is an advantage. It allows you to have material available on many topics related to IT security.
However, the content is mainly effective for so-called "classic" campaigns and does not necessarily adapt to the scale of large groups, with specific working contexts. It does not allow the specificity of an area to be taken into account and the way the campaign is conducted to be adapted to it. For example, more interactive and entertaining content could be an advantage over traditional e-learning.
Phishing Simulations and Information Security Training
- New Employee Training
- Ongoing Information Security Training
- Phishing Exercises
- User management isn't the easiest to maintain
- Reporting is good but could be better
Get Wombat along with the rest of the Proofpoint security platform to ensure your company is well trained and protected
- Phishing templates are very nice. I am looking forward to the new customization abilities that I saw at Protect 2019
- Training modules are short but informative. Many end users would not be receptive of training modules if they were too lengthy or used too many technical terms for a non-IT end user
- Account manager is very responsive to any questions or suggestions I may have.
- Wombat could do a better job of providing a timeline of upcoming updates and features to the product, we don't seem to hear about them as much as we should I think.
- I would like to see customization of training modules happen sooner than later.
Wombat could be less appropriate if your user base is solely an IT user base, aside from that I would think Wombat or any sort of security awareness software is a necessity in your business environment.
- Teachable moments are short training aids launched for those that click on phishes
- Training can be automatically assigned
- Campaigns can be cloned making it easy to launch the next one using the last round's settings
- We have struggled to get the reporting to work as well as we would like
- The number and type of templates available could be better
- It would be nice if the solution was more flexible for loading and removing users
Proofpoint Security Awareness in Education Settings
- Email phishing campaigns.
- Providing quality training.
- The customer service has been a high quality for us.
- The template bank is overly generic and often times needs tweaking. This takes precious time I do not have.
- I have found user management difficult at times.
- More email phishing templates.
Sr IT Security Analyst
- Short easy to understand modules.
- The ability to test users on the knowledge they gained.
- The ability to execute Phishing Campaign's to validate user awareness levels.
- The delay between user actions (completing training) and that training being posed to the reporting modules sees to exceed 24 hours at times. This causes training reminders to go out to users who have completed the training.
- A functional API for management would be a tool that would be a force multiplier in departments such as ours that has limited staffing.
- One of the most important things it does well is providing support from day one. The team is very friendly, knowledge and quick to help where need be. One of the reason's why we choice Proofpoint over other leaders in the Gartner Magic Quadrant for Security Awareness Computer-Based Training was because of its team.
- Being a Proofpoint customer, Proofpoint Security Awareness Training's Phishi Alarm & Analyzer integration with Proofpoint tool's such as TRAP allowed us to use automation to help protect the company. The ability to turn all employees into part of the IT Security team, by reporting phish with a button in outlook and then to pull back out of all employees email if condemned, is very powerful. We are looking forward to what is to come as this relationship deepens.
- It has a comprehensive set of resources and tools to help support a Security Awareness Program. It is nice to be able to work with one company who does many things well vs multiple partners for different aspects of Security Awareness Training.
- The lack of a user rating on "cyber risk" is proving to be an immense difficulty. As we are looking at how to better hold our employees accountable as well as provide increased learning opportunities for those who need it most, it is becoming cumbersome--especially given the fact this is starting to become the standard for Security Awareness companies. The lack of this is resulting in a manual process vs being able to automate and moderate, thus taking up time and resources, which are always at a scarcity. It can also be cumbersome to look across the tools to see how a particular user is doing, vs being able to view all of their data in one space.
- If you are a marketer, the editors for the Phishing Templates and Teachable Moments are quite frustrating. They feel out of date and clunky, as well as not featuring an auto-save, so you could lose the templates you are building. At this point, I have actually started to work in other email creation editors and learning HTML, to better customize and then moving all of the code into the editor. It has thus far proven to be less of a headache. I also do not believe the average user is working on branding their program, creating consistency for easy of navigation, and including additional resources in their teachable moments in the way we currently are. However, as more social science backgrounds continue to enter security awareness, I believe this will move towards the norm.
- Some of the reporting numbers for Simulated Phishing could be better. For example, telling me how many people acknowledged the teachable moment out of the full email campaign is less meaningful than knowing how many people acknowledged it, from those who actually triggered/were shown the teachable moment.
- Simulated Phishing Campaigns
- Automated/Triggered Training when there is a failed campaign
- Phish Alarm & Trap Integration is crucial for your employee base helping report phish; TRAP helps to keep us all safer by pulling back reported phish from all employees inboxes.
- Identifying those employees most at risk in your company; it does not pull together how an individual is doing across the different offerings
- Getting training to your most cyber risky employees (because of the above)
- Tracking & getting training to those employees who actually cause security incidents. While we are currently using Proofpoint Security Awareness training, it is a very manual process to assign this and follow up with employee
- Annual Training: I am hopeful with the refresh of training content this will improve; the content previously was good for follow up training, but not a more engaging/comprehensive annual training
Proofpoint - proves worthy and up to the point!
- Good support (from Mr. Kurt Werner)
- Polite communication
- Good price
- Bulk management of users is very complicated and unclear
- The overall systems are lacking integrated instructions
Brings Awareness and Training to your Employees.
- Brings a high level of awareness to our people who are the last line of defense.
- Training materials/videos are good and do not take a lot of time.
- Easy to use and setup.
- Some reporting in Exchange 2013 and older do not always report users actions.
- Adding user groups take a bit of time.