Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.
N/A
Hoxhunt
Score 9.4 out of 10
N/A
Hoxhunt, headquartered in Helsinki, empowers employees to shield their organisations with adaptive learning flows that transform how employees react and respond to the growing amount of phishing emails.
N/A
Pricing
Cofense PhishMe
Hoxhunt
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense PhishMe
Hoxhunt
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
No setup fee
Optional
Additional Details
—
—
More Pricing Information
Community Pulse
Cofense PhishMe
Hoxhunt
Features
Cofense PhishMe
Hoxhunt
Security
Comparison of Security features of Product A and Product B
Cofense PhishMe
7.8
4 Ratings
10% below category average
Hoxhunt
9.6
58 Ratings
11% above category average
Single sign-on capability
7.44 Ratings
9.754 Ratings
Role-based user permissions
8.24 Ratings
9.545 Ratings
Security Awareness Training
Comparison of Security Awareness Training features of Product A and Product B
Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
If emails are used for confidential communication, Hoxhunt is a HUGE benefit. I have caught myself feeling lax over emailing and clicking links. Hoxhunt makes you really evaluate safety and legitimacy of the emails that are received. We even have laughs about it at staff meetings where staff admit to getting "hoxhunted" and clicking a fake link.
It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.
Training Packages - They cover a wide range of topics that spam emails, social media and physical security such as USB sticks
Achievements as incentives - The gaming style of collecting achievements and stars for reporting emails or completing training incentivizes people to engage in a consistent and enthusiastic way.
Training Emails - They are able to replicate phishing emails in a realistic way, so it isn't easy to spot straight away meaning we now look at every email with a critical eye which makes us safer.
Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
it is very easy to use. it is clear and provides information as to why the type of email is one to look out for. It automatically takes you to the required information when you have spotted that it is a Hoxhunt email.
I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.
Symantec was something I used in my previous company, it had some issues once in a while where I had to re-generate the code for my new ID. I know its for over all protection, but if I didn't have my phone that day, I'd be unable to log in. Hoxhunt helps that way as there is a SSO authentication and needs the fingerprint, I guess it works different for different companies based on their regulations and privacy protection. Haven't really used any other tool like this
Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.
