Breach Secure Now vs. Cofense PhishMe vs. NINJIO

We are happy with it. It can schedule phishing tests out for months, You can run a report of what passwords are on the dark web. You can schedule when you want the trainings to be released, they continue to add new phishing campaigns and new training periodically. It is also very easy to use.

Incentivized

Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.

Incentivized

The cyber security training, paired with the phishing simulator will reduce your company's vulnerability, at the same time that it flags the localized issues, so specific groups can be targeted later on. Phishing and scamming have become less of a problem once the users were better educated on how to prevent and identify scams/phishings.

Incentivized

• Cyber Training
• Phish email testing
• Dark Web monitoring

Incentivized

• It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
• The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
• For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
• The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.

Incentivized

• Engages - People enjoy the videos, they are fun and interesting and they get people talking.
• Customer Service - NINJIOs customer service is some of the most amazing I have ever experienced in any industry.
• Simplifies - Information Security and the way breaches happen can be very complicated and technical, NINJIO manages to distill this down to easily understandable situations and ways the issue could have been avoided.
• Great Value - NINJIO offers additional peace of mind for your information security at a very reasonable cost.

Incentivized

• custom training modules
• Dark Web Monitoring alerting

Incentivized

• Completely switching to the new UI - Most is redesigned, but some old elements remain
• Ability to spoof known brands - limited in scope now and you are not allowed to use fully "convincing" campaigns that we are seeing in the wild
• Ability to own and manage own domains - right now adding a new company domain requires a ticket, allow us to add/verify ourselves

Incentivized

• Easier way to upload new users.
• Easier way to resend content to specific users.
• Better transition from video content to quiz taking.

Incentivized

Most features are very easy to setup. We have Azure sync so we sync accounts from a group in Azure, we have monthly phishing emails scheduled for up to a year out. We also have automations for when to release new trainings and what trainings show as available for each client

Incentivized

Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.

Incentivized

NINJIO has an overall easy platform to use. I'm not a fan that I have to use one hub and the Dojo to access different things. The platform does lack a few things, like timestamps of training completion and a schedule of what videos are going to come. The Dojo platform is good, overall.

Incentivized

I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.

Incentivized

Great support. Support is always there to help you whenever required. They have the quickest response to your request. They also keep monitoring the campaign launches and will notify you if you have missed any month

Incentivized

It's a must, even if you are never going to use the tool. Cofense aims to provide phishing training first and tool second.

Incentivized

There are some hiccups, but there are meant to be, when you implement something in a large scale enterprise.

Incentivized

Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.

Incentivized

Pricing is great but, if you automate the connection of new user accounts through systems like MS Azure, keep in mind that you will have to make sure to remove service accounts since they charge by a number of users connected to it. The pricing is really good and they offer a ton of features if you are willing to spend a few extra bucks.

Incentivized

Professional services are good. After the purchase, they helped us quickly to set up the account and implement it in the org to we don't waste any time

Incentivized

• Some of our clients Love the gamification of it
• We like the added phishing test emails
• Some clients do not see a great value in it though

Incentivized

• Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
• With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
• 1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.

Incentivized

• Employees have recognized dangerous emails as a result of Ninjio cyber training videos.
• Employees understand the importance and reason for our cyber security policies and adhere to them.
• Employees have learned to question the validity of emails before responding and have forwarded any suspicious emails for review by IT and most generally we correct in doing so.

Incentivized