Cofense PhishMe vs. Proofpoint Security Awareness Training

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cofense PhishMe
Score 7.2 out of 10
Enterprise companies (1,001+ employees)
Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.N/A
Proofpoint Security Awareness Training
Score 9.8 out of 10
N/A
Proofpoint Security Awareness Training (formerly ThreatSim from Wombat Security) is a cloud-based training platform that simulates threat scenarios (e.g. phishing) and also provides assessment testing developed by Wombat Technologies, which was acquired by Proofpoint in March 2018.N/A
Pricing
Cofense PhishMeProofpoint Security Awareness Training
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense PhishMeProofpoint Security Awareness Training
Free Trial
YesYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
YesYes
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
Cofense PhishMeProofpoint Security Awareness Training
Considered Both Products
Cofense PhishMe
Chose Cofense PhishMe
Cofense phishing simulation product is one of the best security awareness solutions that our security team has tested. The product is feature-rich and easy to navigate. Awareness templates are numerous to select from and in multiple languages, which is a big plus. Campaign …
Chose Cofense PhishMe
Cofense PhishMe has a more robust offering and better pricing structure. We used Wombat prior to them being acquired by Proofpoint.
Chose Cofense PhishMe
Cofense provides more templates. We couple the reporter service with the Triage product & managed triage service.
Cofense's support is better and more engaged. We utilized Wombat before acquisition.
Proofpoint Security Awareness Training
Chose Proofpoint Security Awareness Training
Proofpoint Security Awareness Training -- Wide offerings (training, simulated campaigns, report phish button, phish analyzer); invaluable integrations with TRAP & Phish Alarm/Analyzer; incredibly helpful and kind support, very quick to assist & knowledgeable. PSAT was and …
Chose Proofpoint Security Awareness Training
We initially shopped two products: Proofpoint Security Awareness Training (at the time, it was called Wombat) and Cofense PhishMe. After some extensive internal testing in the IT department, we concluded that Proofpoint's robust reporting and pre-baked content (tests, guides, …
Chose Proofpoint Security Awareness Training
We chose Proofpoint Security Awareness Training because we already use their email gateway. The combination of these two are very powerful!
Chose Proofpoint Security Awareness Training
I think that Proofpoint Security Awareness Training pricing is one of the main reasons that we went with them. We only have the lowest tier, and it does a pretty good job for what we pay. We are using Proofpoint for our email security solution, so we ended up saving some money …
Chose Proofpoint Security Awareness Training
All three products have the pros and cons. Since we use other Proofpoint products, TAP, TRAP, etc. the integration with PSAT is much better. The other products do not integrate with TRAP nearly as well as PSAT.
Chose Proofpoint Security Awareness Training
The decision was based on the ease of use and the better security awareness material at Proofpoint.
Chose Proofpoint Security Awareness Training
At the time we selected Proofpoint (Wombat) they appeared to have the best solution. They have a simple to use interface and the phishing platform was quite impressive. However, over time I have found that their training catalog is not as large as it could be. KnowBe4 has …
Chose Proofpoint Security Awareness Training
We already used ProofPoint so we thought it would be a better fit. The other products may have looked better but pricing was good. Do not increase pricing.
Top Pros
Top Cons
Features
Cofense PhishMeProofpoint Security Awareness Training
Security
Comparison of Security features of Product A and Product B
Cofense PhishMe
7.8
4 Ratings
7% below category average
Proofpoint Security Awareness Training
9.0
1 Ratings
8% above category average
Single sign-on capability7.44 Ratings9.01 Ratings
Role-based user permissions8.24 Ratings9.01 Ratings
Security Awareness Training
Comparison of Security Awareness Training features of Product A and Product B
Cofense PhishMe
7.3
4 Ratings
12% below category average
Proofpoint Security Awareness Training
9.4
1 Ratings
13% above category average
Training Content Library7.14 Ratings10.01 Ratings
Multilingual Training Content7.04 Ratings9.01 Ratings
Training Gamification7.13 Ratings9.01 Ratings
Industry-Specific Security Training7.73 Ratings9.01 Ratings
Individualized Security Training Plans6.93 Ratings9.01 Ratings
Phishing Simulations7.23 Ratings10.01 Ratings
Security Reporting8.03 Ratings10.01 Ratings
Integration with Security Tech Stack7.33 Ratings00 Ratings
Best Alternatives
Cofense PhishMeProofpoint Security Awareness Training
Small Businesses
Barracuda Security Awareness Training
Barracuda Security Awareness Training
Score 6.2 out of 10
Barracuda Security Awareness Training
Barracuda Security Awareness Training
Score 6.2 out of 10
Medium-sized Companies
Hoxhunt
Hoxhunt
Score 9.3 out of 10
Hoxhunt
Hoxhunt
Score 9.3 out of 10
Enterprises
Hoxhunt
Hoxhunt
Score 9.3 out of 10
Hoxhunt
Hoxhunt
Score 9.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cofense PhishMeProofpoint Security Awareness Training
Likelihood to Recommend
8.6
(28 ratings)
9.0
(46 ratings)
Likelihood to Renew
9.1
(1 ratings)
7.3
(1 ratings)
Usability
7.3
(2 ratings)
8.6
(5 ratings)
Support Rating
9.1
(4 ratings)
8.3
(44 ratings)
Online Training
9.1
(1 ratings)
-
(0 ratings)
Implementation Rating
8.2
(1 ratings)
-
(0 ratings)
Vendor post-sale
9.1
(1 ratings)
-
(0 ratings)
Vendor pre-sale
9.1
(1 ratings)
-
(0 ratings)
User Testimonials
Cofense PhishMeProofpoint Security Awareness Training
Likelihood to Recommend
Cofense
Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
Read full review
Proofpoint
Perfect for regular (monthly) training of staff versus a "one and done" annual assignment on Cyber Security. Allows for a greater number of topics to be covered and for creating a "culture" of security awareness among all Staff throughout the entire company. NOT a replacement for IT Security Certifications amongst your technical staff (CISSPs & GSLCs on staff are a must have). Your Proofpoint Account Rep does most of the heavy lifting, but the program still requires "care and feeding" (resources) within your organization - preparing monthly user lists for training assignments and preparing reports for leadership on participation & progress
Read full review
Pros
Cofense
  • It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
  • The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
  • For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
  • The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.
Read full review
Proofpoint
  • Proofpoint has a huge library of phishing emails to choose from. They add new examples every week.
  • The training modules are fun and interactive and keep the user engaged.
  • The posters, and downloadable materials are amazing and really give a great visual to support your security campaigns.
  • The product is easy to use, and Proofpoint Support Staff are always available to help with any issues you have.
Read full review
Cons
Cofense
  • Completely switching to the new UI - Most is redesigned, but some old elements remain
  • Ability to spoof known brands - limited in scope now and you are not allowed to use fully "convincing" campaigns that we are seeing in the wild
  • Ability to own and manage own domains - right now adding a new company domain requires a ticket, allow us to add/verify ourselves
Read full review
Proofpoint
  • The lack of a user rating on "cyber risk" is proving to be an immense difficulty. As we are looking at how to better hold our employees accountable as well as provide increased learning opportunities for those who need it most, it is becoming cumbersome--especially given the fact this is starting to become the standard for Security Awareness companies. The lack of this is resulting in a manual process vs being able to automate and moderate, thus taking up time and resources, which are always at a scarcity. It can also be cumbersome to look across the tools to see how a particular user is doing, vs being able to view all of their data in one space.
  • If you are a marketer, the editors for the Phishing Templates and Teachable Moments are quite frustrating. They feel out of date and clunky, as well as not featuring an auto-save, so you could lose the templates you are building. At this point, I have actually started to work in other email creation editors and learning HTML, to better customize and then moving all of the code into the editor. It has thus far proven to be less of a headache. I also do not believe the average user is working on branding their program, creating consistency for easy of navigation, and including additional resources in their teachable moments in the way we currently are. However, as more social science backgrounds continue to enter security awareness, I believe this will move towards the norm.
  • Some of the reporting numbers for Simulated Phishing could be better. For example, telling me how many people acknowledged the teachable moment out of the full email campaign is less meaningful than knowing how many people acknowledged it, from those who actually triggered/were shown the teachable moment.
Read full review
Likelihood to Renew
Cofense
No answers on this topic
Proofpoint
  • The product is great for what we use it for
  • We have a good relationship with our vendor/Proofpoint, which I believe is needed to be successful in Security Awareness and using tools like this
  • The package/service as a whole is incredibly helpful
  • The integrations with Proofpoint's Trap is one of the most valuable things we could do. It turns your entire email user base into members of IT security, to be on the look out to report cyber attacks, and have them pulled out of everyone's email if the email is condemed/found malicious.
Read full review
Usability
Cofense
Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
Read full review
Proofpoint
Overall, PSAT is integral to what we do. PSAT is a helpful tool to help us improve our employees ability to recognize, report, and respond to phishing. It works for us to use a longterm partner, who is incredibly helpful/supportive, and also bringing Proofpoint's greater cybersecurity & attack intelligence into PSAT. Honestly, we are pretty happy and would make the choice to go with PSAT again (we evaluated the major players in the space via Gartner's Magic Quadrant). The team behind the products are excellent and the product of itself is both intuitive and expansive. This combination allows us to reach our 10k+ employees who are located in over 20 countries
Read full review
Support Rating
Cofense
I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
Read full review
Proofpoint
Proofpoint support has always been above average. A lot of companies provide a customer service manager for your account but few have proved as connected as Proofpoint. The CSM was able to give us a good start with the product and checked in periodically. I found them always helpful with any questions and very knowledgeable about the platform.
Read full review
Online Training
Cofense
It's a must, even if you are never going to use the tool. Cofense aims to provide phishing training first and tool second.
Read full review
Proofpoint
No answers on this topic
Implementation Rating
Cofense
There are some hiccups, but there are meant to be, when you implement something in a large scale enterprise.
Read full review
Proofpoint
No answers on this topic
Alternatives Considered
Cofense
Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.
Read full review
Proofpoint
All three products have the pros and cons. Since we use other Proofpoint products, TAP, TRAP, etc. the integration with PSAT is much better. The other products do not integrate with TRAP nearly as well as PSAT.
Read full review
Return on Investment
Cofense
  • Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
  • With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
  • 1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.
Read full review
Proofpoint
  • I don't have any tangible numbers to provide, but we definitely have an increase in the number of staff reporting suspicious emails and fewer people clicking on phishing emails.
  • The cost we are paying per employee (<$2 pp)is low enough that we can consider this a "benefit" we offer to our employees. The knowledge gained can also be applied to your personal life with similar threats.
Read full review
ScreenShots

Cofense PhishMe Screenshots

Screenshot of Image 1 – Board of Directors (BOD) report showcasing results of your phishing defense programScreenshot of Image 2 – Create New Scenario PageScreenshot of Image 3 – Intelligent Program Automation using PlaybooksScreenshot of Image 4 – Organizational Suspicious Email Reporting StatisticsScreenshot of Image 5 – Phishing Scam Announcement Templates