KnowBe4 PhishER vs. Metasploit

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
KnowBe4 PhishER
Score 8.8 out of 10
N/A
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
$0.50
per month per seat
Metasploit
Score 9.9 out of 10
N/A
Metasploit is open source network security software described by Rapid7 as the world’s most used penetration testing framework, designed to help security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness.N/A
Pricing
KnowBe4 PhishERMetasploit
Editions & Modules
3001-5000 Monthly Pricing Per Seat
$0.50
per month per seat
2001-3000 Monthly Pricing Per Seat
$0.55
per month per seat
1001-2000 Monthly Pricing Per Seat
$0.65
per month per seat
501-1000 Monthly Pricing Per Seat
$0.75
per month per seat
101-500 Monthly Pricing Per Seat
$1.00
per month per seat
No answers on this topic
Offerings
Pricing Offerings
KnowBe4 PhishERMetasploit
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeOptionalNo setup fee
Additional DetailsPhishER is a monthly per seat price, billed annually.
More Pricing Information
Features
KnowBe4 PhishERMetasploit
Incident Response Platforms
Comparison of Incident Response Platforms features of Product A and Product B
KnowBe4 PhishER
7.6
63 Ratings
11% below category average
Metasploit
-
Ratings
Company-wide Incident Reporting7.852 Ratings00 Ratings
Integration with Other Security Systems6.847 Ratings00 Ratings
Centralized Dashboard7.862 Ratings00 Ratings
Machine Learning to Prevent Incidents7.754 Ratings00 Ratings
Live Response for Rapid Remediation7.855 Ratings00 Ratings
Best Alternatives
KnowBe4 PhishERMetasploit
Small Businesses
ThreatDown, powered by Malwarebytes
ThreatDown, powered by Malwarebytes
Score 8.8 out of 10

No answers on this topic

Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Veracode
Veracode
Score 8.4 out of 10
Enterprises
Hoxhunt
Hoxhunt
Score 9.3 out of 10
Veracode
Veracode
Score 8.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
KnowBe4 PhishERMetasploit
Likelihood to Recommend
9.2
(68 ratings)
10.0
(6 ratings)
Likelihood to Renew
8.6
(4 ratings)
-
(0 ratings)
Usability
8.2
(3 ratings)
-
(0 ratings)
Support Rating
8.5
(3 ratings)
7.0
(1 ratings)
Implementation Rating
9.1
(1 ratings)
-
(0 ratings)
Configurability
8.2
(6 ratings)
-
(0 ratings)
Ease of integration
8.2
(1 ratings)
-
(0 ratings)
User Testimonials
KnowBe4 PhishERMetasploit
Likelihood to Recommend
KnowBe4
I have been able to create customized simulated phishing campaigns that are really testing our users ability to "spot the fake." That coupled with the training campaigns that are included make it much more likely that our users will be better prepared to protect our organization by being able to recognize common industry threats, and brings awareness to less common threats that are out there. I love that they have a shared folder full of relevant, recent real-world scams that we can choose from to train our user base.
Read full review
Rapid7
It is easy to use with sufficient documentation on how to use the tools for end users or newbies. Experienced testers will find it easy to customise and configure the test cases. Just wished that I could have taken up a course on using this tool in my study days so that I could had explored more and improved my familiarity with the tool, unlike when working where access and time to explore the other features of the tool is limited
Read full review
Pros
KnowBe4
  • Analysis and classification of phishing emails using machine learning
  • Response to reporting users with personalised emails template
  • Automatic response and actions using integration with Microsoft
  • Good dashboard with reporting and KPI
  • Integration with others product to improve scan and analysis
  • It improves users' security awareness and behavior as receiving an immediate response with the analysis result improves the ability to recognize a phishing email
Read full review
Rapid7
  • Scanning our network for new or existing vulnerable systems.
  • Automation of manual tests and exploits to allow what used to be days of effort to be squeezed into hours.
  • Metasploit has become an integral part in our validation of new systems before their inclusion in our production network.
Read full review
Cons
KnowBe4
  • Enhancing the automated response capabilities, such as directly initiating remediation processes or integrating with other cybersecurity tools, could further streamline the threat management process.
  • Implementing a feedback system where users can be informed about the outcome of their reported emails might encourage more proactive engagement.
  • the reporting tool is not as streamlined on mobile devices as it is on desktops. Enhancing mobile functionality would be beneficial
Read full review
Rapid7
  • Have encountered issues with updating especially after moving from BackTrack to Kali.
  • Sometimes it gets a little buggy, but that's a rare occurrence.
Read full review
Likelihood to Renew
KnowBe4
Phish ER has reduced the time my team and I spend on reported emails by over 80%. With the volume of emails reported and a small team this is a must have.
Read full review
Rapid7
No answers on this topic
Usability
KnowBe4
The configuration is a bit complicated, but easy once you get the hang of it. Once configured, it is easy to manage our malicious emails that are reported by our staff.
Read full review
Rapid7
No answers on this topic
Support Rating
KnowBe4
Support has been easy to get along with and easy to understand.
Read full review
Rapid7
We don't use it.
Read full review
Implementation Rating
KnowBe4
Work with support or rep for some basic steps, the rest is pretty straight foward.
Read full review
Rapid7
No answers on this topic
Alternatives Considered
KnowBe4
KnowBe4 PhishER has a lot of features that other companied does not have. Its AI capability, integration with VirusTotal, PhishRIP and PhishFlip features make it totally different from other solutions. Its Phish Alert Button directly installed on users Outlook without affecting them and the reporting technique is very simple, just clicking on the Phish Alert Button and the email will be directly reported to the KnowBe4 PhishER dashboard. KnowBe4 PhishER dashboard is a very good example of centralized dashboard where you can find all things related to that reported email.
Read full review
Rapid7
Metasploit is an all around good suite of tools to test and validate potential vulnerabilites. Other tools have bits and pecies such as Nmap, Nessus, Burp Suite, etc. but Metasploit can function in the same way but more.
Read full review
Return on Investment
KnowBe4
  • It has greatly increased phishing / security awareness by our staff by having a designated button & process for reporting phishing emails
  • It provides greater protection through the ability to delete emails from multiple recipients even if not all of them reported the email
  • It saves time for me to have to evaluate whether or not an email reported is a real threat through the ML/AI/VirusTotal scores
Read full review
Rapid7
  • If you prevent an attack you will save a lot of money.
  • There is a free version that has a lot of useful exploits.
  • You can run it in an open source OS.
Read full review
ScreenShots

KnowBe4 PhishER Screenshots

Screenshot of This is a diagram of the PhishER workflow. Reviewing the PhishER workflow before getting started will provide an understanding of how PhishER, PhishRIP and PhishFlip work.Screenshot of The Reports screen will display five different dashboards of information.Screenshot of When entering the PhishER platform, the first screen that appears is the Dashboard. Here, a quick overview of the PhishER platform will appear.