Cofense PhishMe vs. Darktrace vs. KnowBe4 Security Awareness Training

Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.

Incentivized

Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.

Incentivized

I don't have any frame of reference for comparison, but the training that I have used has proved impactful for my staff. Since starting KnowBe4 training, we've seen a great increase in the number of phishing attempts, but also a great increase in the number of attempts that have been recognized by staff, and we have thus not been the victim of phishing or other cyberattact vectors

Incentivized

• It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
• The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
• For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
• The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.

Incentivized

• Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
• Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
• Darktrace comes with it autonomous AI model detection and responses capabilities.
• Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.

• Phish tests can be set to various difficulty levels as staff becomes more knowledgeable in catching phish emails.
• Automated phish tests and training save a lot of admin time. The product can also test for phone and USB stick practices.
• The phish alert button in Outlook, along with PhishER and PhishFlip allow easy managing and response to actual phishing emails.
• The interactive training is well designed to cover all types of phishing and safe email and phone behavior.

Incentivized

• Completely switching to the new UI - Most is redesigned, but some old elements remain
• Ability to spoof known brands - limited in scope now and you are not allowed to use fully "convincing" campaigns that we are seeing in the wild
• Ability to own and manage own domains - right now adding a new company domain requires a ticket, allow us to add/verify ourselves

Incentivized

• There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.

Incentivized

• The provided templates for phishing simulations are mainly available in English. There are also some templates available in our native language, but their number is small. We have seen other platforms offer way more phishing simulation templates in our language.
• Although there is a really huge number of training videos available, some of them are outdated and no longer have much to offer. Some cleaning up could help in this direction.
• Although there a some games / puzzle like trainings available, we have seen other platforms offer more and better ones (on the other platforms had they had almost no videos at all...). It would help significantly to also invest in enriching the provided puzzles / games.
• We have seen other platforms offer games, where, for example, employees of the company can compete against each other while working together in groups to achieve a common goal (e.g., eliminate a fictional security threat that has "hit" the company. Plan the steps needed to be taken, take the steps one after another and have a chance to see the impact each action has. At the end the team that has suffered the least cost to end the threat is the one that wins. Just an example. The point is to make this challenging, using gamification and to make the employees part of the prevention force of the company against cybersecurity threats.

Incentivized

It's a powerfull product that help administrators to provide email security to our organization.

Good metrics about received emails that help us to determine in doubt case if the email is a false positive or it's malware.

They're improving the product releasing continuous updates and have mobile phone app to manage it.

Incentivized

Between the ease of use, cost effectiveness, functionality and continued improvements Knowbe4 continues to make it would be pretty hard to find another competitive product that wraps it all up like KnowBe4 has. Not saying it couldn't happen, but haven't seen anything that competes at this point.

Incentivized

Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.

Incentivized

The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs

Incentivized

KnowBe4 Security Awareness Training is simple to use, simple to administer, effective, with quality content. It is easy to take the training and we have the reminders set so that the longer a user puts the training off, the more frequently they will receive reminder emails. Eventually they get emailed every day until they take the training. But with a simple click, they can get into the training content.

Incentivized

There have only been a handful of outages in the 2 years we have had the product. Even during those instances, parts of the system were still operational

Incentivized

Pages load quickly, filter/sort quickly, and don't slow down or freeze. Everything is smooth and very easy to use. There are a places in the UI where you can forget how to get there, but other than that everything is great. We have had no issues using any part of the website.

Incentivized

I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.

Incentivized

Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.

Incentivized

Tech prod support is great! I did have to ask for a new customer success rep, needed a more experienced person to match my 12 years of experience running Cybersec training programs. Would suggest that more matching of rep level of knowledge to client level knowledge would help.

Incentivized

Helpful and knowledgeable account managers have helped us navigate and use the system to our full potential

Incentivized

It's a must, even if you are never going to use the tool. Cofense aims to provide phishing training first and tool second.

Incentivized

confusing question. I inherited this application so I didnt get any formal training other than the person who was leaving. The CSM provided some later on when I asked in a zoom call

There are some hiccups, but there are meant to be, when you implement something in a large scale enterprise.

Incentivized

The implementation went really well and KnowBe4 was there the whole time on setup to make sure things were setup correctly. The only thing we had to figure out on our own was to script users automatically being added to security groups. So that when they sync to knowBe4 from AD they are placed into the same/correct groups.

Incentivized

Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.

Incentivized

We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.

Incentivized

KnowBe4 offered a significantly more favorable cost-benefit ratio compared to other solutions. Its seamless integration with our existing infrastructure—particularly Active Directory and email systems—was the most compatible with our operational and security requirements.

Incentivized

I was not involved in the pricing, billing or contract terms.

Incentivized

The product scales greatly. As long as you upgrade the license to support the number of users you are needing, adding in those new users is easy. Also getting those users set up with trainings/campaigns is very easy as well

Incentivized

The team was great to work with and took their time to ensure that we knew what we were doing with the product and that it was set up to meet the specific needs of our organization. This wasn't just a cookie-cutter deployment, but rather they focused specifically on our needs.

Incentivized

• Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
• With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
• 1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.

Incentivized

• One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
• If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
• You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.

Incentivized

• With the implementation of KnowBe4 Security Awareness Training, we have reduced a lot of issues of social engineering attacks like Phishing attacks, Smishing attacks, Vishing attacks, and a lot more. After implementing the KnowBe4 Security Awareness Training, we have seen a significant decrease in the clicking on a phishing email. Now users are aware of phishing attacks and they know how to react to them.
• With KnowBe4 Security Awareness Training, we got another tool Phish Alert Button that we have installed on the user's outlook and after providing training on these topics, now we are receiving a lot of spam report emails are users are protecting them from clicking and just reporting it to the IT team.
• With the Phishing test, we are seeing the growth and analyzing how our users will react in the case of a real phishing attack, and with this, we are providing more training to them and going with them as per the test report. This whole process is making our company more stronger against any type pf social engineering attack.
• After implementing KnowBe4 Security Awareness Training, we have seen a lot of improvements in the account compromise case in our company because users are not clicking on fake links now.

Incentivized