Barracuda's Security Awareness Training (formerly Barracuda Phishline) provides a suite of applications supporting phishing social engineering simulations with data analytics for evaluation of results as well as targeted training and education to boost readiness. PhishLine was acquired by Barracuda in January 2018, and is now part of Barracuda's security portfolio.
N/A
Cofense PhishMe
Score 7.4 out of 10
Enterprise companies (1,001+ employees)
Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.
Barracuda Security Awareness Training is well suited for companies that are looking to automate and schedule phishing simulation, education, and training on a regular basis. It would be less appropriate for companies that already have a security awareness training platform already implemented.
Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
The software helps us create emails that look exactly or almost exactly the same as the phishing emails we found in our email gateway.
We already use the ESS gateway from Barracuda Networks, and in the TEP bundle, this software is included, so it's not that much work to also configure this.
In the software, we can see reports on how our users performed. We can make a selection of users that are more prone to click on "false" links, and this way, we can help them individually.
It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.
Providing animated templates for custom campaigns would be helpful, potentially a "builder site" where templates could be put together with custom questions/answers.
Reporting through functional could use some work. We typically create phishing tests to help our users learn how to spot concerns, and the reports do not provide who actually "reported" the phish as opposed to who did not. This has been a year-long request to Barracuda, and the same issue is present in our campaigns as well.
We would love to see an annual release of new training topics and campaign ideas.
Although cost competitive, we still feel like we are not digging deep enough to train our staff. We have little to no way other than digging through reports that have not proven to be adequately documented (hey you, Barracuda campaign reports) to identify and require users to take more training who have not passed their requirements.
Once you are started it is great. The only issue is to get started. The administrator interface [I feel] is not intuitive enough. It lacks some kind of quick start wizard. The templates are good and fit several regions. So we can do our Belgian campaign and French campaign, each with a different template.
Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
Working with Barracuda PhishLine support is always a good experience. They are very professional, they are attentive and they are courteous. When I first purchased Barracuda PhishLine a few year ago it was new to them as well. At the time, the support staff could been better trained. That said, they worked hard to help and resolve my issues.
I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
365 defender has a tool for user security training, it is much more rudimentary than Barracudas, but the interface is much nicer. Both offer email attack testing, reporting, and training, but barracuda offers additional attack types, like file and SMS testing. Both seem to come free with other software and can be brought as add-ons.
Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.
Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.
