Barracuda Email Protection vs. Proofpoint Security Awareness Training

I would definitely recommend it due to the decent pricing. I wish the MS built-in M365 tools were better, but Barracuda does a good job of taking their place. For industries that need DLP on their email, like healthcare, banking, and education, Barracuda provides a reliable product for a good cost. The additional services you get, malware/AV filtering, URL filtering, spam protection, business continuity, those are all icing on the cake. The only issues we've ever really had with them is that it will sometimes take a back/forth string of emails and decide randomly to encrypt it, so what was a flowing benign conversation is now locked behind a wall for recipients. As the sender, you have no idea when it's going to decide to do this and have to remember to tag emails with a decrypt tag long before it happens or face the consequences

Incentivized

Perfect for regular (monthly) training of staff versus a "one and done" annual assignment on Cyber Security. Allows for a greater number of topics to be covered and for creating a "culture" of security awareness among all Staff throughout the entire company. NOT a replacement for IT Security Certifications amongst your technical staff (CISSPs & GSLCs on staff are a must have). Your Proofpoint Account Rep does most of the heavy lifting, but the program still requires "care and feeding" (resources) within your organization - preparing monthly user lists for training assignments and preparing reports for leadership on participation & progress

Incentivized

• Barracuda Essentials Spam Filtering works and it is very easy to add or remove senders from the Spam filter lists.
• Barracuda Essentials provides excellent protection from Phishing and other Malware.
• Barracuda Essentials email encryption is so easy to use and easy to setup. Our users love it.

Incentivized

• Proofpoint has a huge library of phishing emails to choose from. They add new examples every week.
• The training modules are fun and interactive and keep the user engaged.
• The posters, and downloadable materials are amazing and really give a great visual to support your security campaigns.
• The product is easy to use, and Proofpoint Support Staff are always available to help with any issues you have.

Incentivized

• The product is pretty solid so I am not sure how it can be improved. One thing I noticed recently, I am not getting the emails back from Sentinel when I send in a "miss". Used to be I got an email back saying "sorry we missed this, we are improving." That does happen anymore, so I am assuming that when I send a miss, the AI is getting better.
• I would expand this to cover all kinds of email fraud like ransomware and spam rather than creating another product.

• The lack of a user rating on "cyber risk" is proving to be an immense difficulty. As we are looking at how to better hold our employees accountable as well as provide increased learning opportunities for those who need it most, it is becoming cumbersome--especially given the fact this is starting to become the standard for Security Awareness companies. The lack of this is resulting in a manual process vs being able to automate and moderate, thus taking up time and resources, which are always at a scarcity. It can also be cumbersome to look across the tools to see how a particular user is doing, vs being able to view all of their data in one space.
• If you are a marketer, the editors for the Phishing Templates and Teachable Moments are quite frustrating. They feel out of date and clunky, as well as not featuring an auto-save, so you could lose the templates you are building. At this point, I have actually started to work in other email creation editors and learning HTML, to better customize and then moving all of the code into the editor. It has thus far proven to be less of a headache. I also do not believe the average user is working on branding their program, creating consistency for easy of navigation, and including additional resources in their teachable moments in the way we currently are. However, as more social science backgrounds continue to enter security awareness, I believe this will move towards the norm.
• Some of the reporting numbers for Simulated Phishing could be better. For example, telling me how many people acknowledged the teachable moment out of the full email campaign is less meaningful than knowing how many people acknowledged it, from those who actually triggered/were shown the teachable moment.

Incentivized

Although cost competitive, we still feel like we are not digging deep enough to train our staff. We have little to no way other than digging through reports that have not proven to be adequately documented (hey you, Barracuda campaign reports) to identify and require users to take more training who have not passed their requirements.

Incentivized

• The product is great for what we use it for
• We have a good relationship with our vendor/Proofpoint, which I believe is needed to be successful in Security Awareness and using tools like this
• The package/service as a whole is incredibly helpful
• The integrations with Proofpoint's Trap is one of the most valuable things we could do. It turns your entire email user base into members of IT security, to be on the look out to report cyber attacks, and have them pulled out of everyone's email if the email is condemed/found malicious.

Incentivized

Regarding usability, we like it to be an easy solution to implement and configure on the server. Routine backups are made frequently and reports are issued for control and analysis by information security teams. It has great integration with the cloud and encryption.

Incentivized

Overall, PSAT is integral to what we do. PSAT is a helpful tool to help us improve our employees ability to recognize, report, and respond to phishing. It works for us to use a longterm partner, who is incredibly helpful/supportive, and also bringing Proofpoint's greater cybersecurity & attack intelligence into PSAT. Honestly, we are pretty happy and would make the choice to go with PSAT again (we evaluated the major players in the space via Gartner's Magic Quadrant). The team behind the products are excellent and the product of itself is both intuitive and expansive. This combination allows us to reach our 10k+ employees who are located in over 20 countries

Incentivized

I have not had to use customer support yet which goes to show the effectiveness of the program. It also shows how easy the program is to use for the average person with no experience using this type of program. Our IT department also does a great job at teaching us to detect emails with malware that in combination with this software issues rarely arise even though we have over 500 employees.

Incentivized

Proofpoint support has always been above average. A lot of companies provide a customer service manager for your account but few have proved as connected as Proofpoint. The CSM was able to give us a good start with the product and checked in periodically. I found them always helpful with any questions and very knowledgeable about the platform.

Incentivized

It was "stupid easy" from the technical side.

We have used several email solutions over the years, some were bought and killed off by larger companies. Barracuda Email Protection offers a very complete solution and has all the tools that we were looking for, and our MSP offered it.

Incentivized

All three products have the pros and cons. Since we use other Proofpoint products, TAP, TRAP, etc. the integration with PSAT is much better. The other products do not integrate with TRAP nearly as well as PSAT.

Incentivized

• This tool was supplied free with out Email Security, so its come at no cost
• This tool has helped us meet requirements by our insurance to train users on the risks of phishing
• However, the dated interface slows down what should be seamless adoption

Incentivized

• I don't have any tangible numbers to provide, but we definitely have an increase in the number of staff reporting suspicious emails and fewer people clicking on phishing emails.
• The cost we are paying per employee (<$2 pp)is low enough that we can consider this a "benefit" we offer to our employees. The knowledge gained can also be applied to your personal life with similar threats.

Incentivized