Abnormal Security, headquartered in San Francisco, offers a secure email gateway to that protects Microsoft 365 and Google Workspace accounts with AI threat detection. The solution is designed to prevent phishing and scams, high-level account impersonation, or supply chain attacks (i.e. invoice fraud).
N/A
KnowBe4 PhishER/PhishER Plus
Score 9.0 out of 10
N/A
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
$0.75
per month (billed annually) per seat
Pricing
Abnormal Security
KnowBe4 PhishER/PhishER Plus
Editions & Modules
No answers on this topic
3001-5000 Monthly Pricing Per Seat
$0.75
per month (billed annually) per seat
2001-3000 Monthly Pricing Per Seat
$0.85
per month (billed annually) per seat
1001-2000 Monthly Pricing Per Seat
$1.00
per month (billed annually) per seat
501-1000 Monthly Pricing Per Seat
$1.15
per month (billed annually) per seat
101-500 Monthly Pricing Per Seat
$1.50
per month (billed annually) per seat
Offerings
Pricing Offerings
Abnormal Security
KnowBe4 PhishER/PhishER Plus
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
Contact vendor for pricing information.
PhishER is a monthly per seat price, billed annually.
Abnormal Security blocks malicious emails that both PhishER and Cisco Secure Email Threat Defense miss. One thing that PhishER does have is the ability to flip a malicious message into a user education phishing email. That's cool, but I think we can just copy/paste the same …
Abnormal is on an entirely nother level both in cost and functionality. Costs is 25x but is borderline magic. Barracuda was finicky and cost more. Defender for email we already had but falls short in a lot of areas, especially with the reporting piece.
Another local organization was compromised, and we were one of the targets of their further attempts. We were 100% protected because the behavioral analysis protected us, but also allowed me to contact that organization and report their compromise. This has actually happened more than one time since going live.
It is great for giving employees an easy to use tool to report phishing emails & is a good assistant to the IT Security Team reviewing those reports to make a determination & respond accordingly. there are some good automation capabilities like automatically detection spoofs of executives or automatically labelling clean emails & sending notification to reporter.
Spam filtering...we have been able to turn our spam sensitivity down on Exchange allowing more legitimate messages through to user inboxes.
Malicious email filtering...we experienced several successful phishing attacks over the past year. Abnormal Security has prevented hundreds of individual campaigns since going live in August '22. I cannot thank them enough!
Automated response for reported emails...my team is small and we do not have enough hours in a day to review and respond to each reported email. Abnormal Security performs additional analysis on those reports and automatically responds for us. If the message is spam or malicious, copies of those emails are looked for throughout the server and deleted.
KnowBe4 Reporting needs improvement by adding more flexibility.
Customizing Reports is a very cumbersome process.
Browsing my Library under "Modstore", I should be able to see if an item was used or not, how many times, or filter by "Usage".
Phishing Templates: create or modify Template - need the ability to embed an image (either by copy and paste or by selecting one from local computer. Currently, the only way is to use a URL that pints to an image.
Landing page of the Modstore: please add ability to change the results in "Detailed List" in addition to the "Tiles".
Phish/ER: Add the ability to Block an email or a URL with "Never Expires" option. Currently, the maximum is "60 Days". As a result, I have to go to the "Tenant Allow/Block List" on Microsoft 365 and add entries manually. That defeats the feature in Phish/ER to block from its "Console".
Phish/ER: There are some well known URLs and Domains to be safe. For example, https://aka.ms/LearnAboutSenderIdentification. Such URL should not be listed under "Domains & URLs" when viewing "Message Details". At least, do not allow admins to "Block" it by greying out the option to block. If, by mistake, someone blocked that URL, all messages company-wide will get blocked. That happened with me and everyone struggled to find out why emails are being blocked, including "KnowBe4 Support". It took a while until we were able to find out what was happening.
Phish/ER Reports are extremely limited. A lot needs to be done to offer more visibility.
Phish/ER Rules: It is time to introduce a Point & Click alternative to Yara.
Modstore: Introduce more Training modules that does not include drama or acting, just strictly instructional training. My users' community, especially execs, ask for those that are not drama or cartoonish.
Modstore: Although that might be outside the scope of Cybersecurity, it would be beneficial to have some training modules that teaches users about "Computer Basics". A considerable number of users do not have the basic knowledge of how a computer works, what are the different types of files, how files et stored, what is an Operating System. It is true that we, as admins, make sure they know before getting them on a corporate system. But the fact is that doe not happen in reality. You get a new user and asked to onboard him / her in a few hours. I would consider that type of training to ba an integral part of Cybersecurity awareness.
When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails.
For the average system admin the UI and functionality is very intuitive and requires very little explanation. When an explanation is needed, it is answered in the documentation. Occasionally there are issues with the report button showing in Microsoft Outlook but is usually resolved with an update to Outlook and restarting Outlook.
Abnormal Security blocks malicious emails that both PhishER and Cisco Secure Email Threat Defense miss. One thing that PhishER does have is the ability to flip a malicious message into a user education phishing email. That's cool, but I think we can just copy/paste the same info into a custom campaign.
Arctic Wolf also offers a similar product to PhishER using their Phish Tell engine. However, it was severely lacking in terms of workflow automation. Switching to Arctic Wolf's email reporting and response product would have increased the number of manual hours spent on email security and ensuring that end users were informed of whether the email they reported was malicious or clean.
The KnowBe4 PhishER was purchased by us to provide an easy tool that will help the end-users to report suspicious emails and also help us to analyze all the reported emails in one place and this tool fits our requirements.
The price of KnowBe4 PhishER is not too expensive, with the features it provides and the capabilities this tool has, it is a reasonable price and you will get a discount and extra months as well if you are looking for a long-term contract.
In terms of technical aspects, it detects the pattern, URL and malicious files in the email perfectly.
