Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.
N/A
Pricing
Cofense PhishMe
Editions & Modules
No answers on this topic
Offerings
Pricing Offerings
Cofense PhishMe
Free Trial
Yes
Free/Freemium Version
No
Premium Consulting/Integration Services
Yes
Entry-level Setup Fee
No setup fee
Additional Details
—
More Pricing Information
Community Pulse
Cofense PhishMe
Considered Both Products
Cofense PhishMe
Verified User
Program Manager
Chose Cofense PhishMe
PhishMe is a market leader in terms of phishing simulation solutions. The customization appears unmatched when compared with competitors and the support we have experienced from Cofense has been excellent. Phish me offers lots of realistic templates which are updated regularly …
Cofense phishing simulation product is one of the best security awareness solutions that our security team has tested. The product is feature-rich and easy to navigate. Awareness templates are numerous to select from and in multiple languages, which is a big plus. Campaign …
Cofense PhishMe is a very usable and customizable suite and compared to a previous product, it's hard to go back. After using [Cofense] PhishMe, I don't want to look for another product since the features are rich and the usability is relatively straightforward. Information and …
Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios …
Cofense PhishMe is price competitive and provides lots of value. We are also utilizing Cofense's other products such as Triage, Vision, and Report PhishMe. We are seeing lots of value from these products and hopefully, your company will see some value also. Support also is …
I have not used similar kinds of products previously. So this is hard for me to compare anyone here. But as long as I used PhishMe I loved it. The ease of use, the neat designs, and distinct tabs help reduce the clutter. The learning curve to get comfortable with the tool is …
Cofense provides more templates. We couple the reporter service with the Triage product & managed triage service. Cofense's support is better and more engaged. We utilized Wombat before acquisition.
Cofense is more comprehensive in its offerings given that the field of email security and email-related staff awareness is their focus area, while for Cymulate, it is only a component of testing and nothing else. Hence, it was quite beneficial to use Cofense in that regard.
Cofense was selected as a vendor before I was in this role. Another vendor was evaluated for additional security awareness training but not to replace the Cofense PhishMe program. We also looked at Ninjio to supplement our phishing education program.
We chose PhishMe due to its ease of use and integration. The many different scenarios available and the price point were the main selling points vs the competitors.
For reporter, we've used GoSecure IDR. KnowBe4 is probably the biggest paid competitor I've seen and tried a demo.
For opensource, things like GoPhish or the Social Engineering Toolkit within Kali Linux aren't bad. Both require more effort, so you either pay Cofense for ease of …
We haven't used another provider. However, we used our internal phishing simulation solution prior to contracting Cofense. The internal solution gives you more flexibility (you can send emails to any domain and can impersonate any company) but you'd be missing the Reporter …
Our previously used product was SANS ACLP. This wasn't an altogether horrible product and for the time we used it the purpose for its use was served. We had multiple issues though with how this product delivered emails, captured clicks, and generated reporting once the …
We closely looked at KnowBe4's platform as well when it came time to renew. We chose to continue with Cofense because we already had over a year's worth of data in the platform that we would lose by switching vendors.
I have not used any other products that do the same thing as PhishMe. I was not the decision maker in deploying PhishMe so I can not comment as to why we chose it or any other similar competitors in the field. PhishMe works well for what we use it for.
Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.
Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.
Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.