PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
$0.75
per month (billed annually) per seat
Microsoft Defender for Endpoint
Score 8.8 out of 10
N/A
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Pricing
KnowBe4 PhishER/PhishER Plus
Microsoft Defender for Endpoint
Editions & Modules
3001-5000 Monthly Pricing Per Seat
$0.75
per month (billed annually) per seat
501-1000 Monthly Pricing Per Seat
$1.15
per month (billed annually) per seat
101-500 Monthly Pricing Per Seat
$1.50
per month (billed annually) per seat
Academic
$2.50
per user/per month
Standalone
$5.20
per user/per month
Offerings
Pricing Offerings
KnowBe4 PhishER/PhishER Plus
Microsoft Defender for Endpoint
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
For organizations with over 1,000 seats, contact sales for a quote.
Microsoft's backed in email reporting tool is good but the time to resolution varies for all messages. It claims that it will help train filters to better classify messages into the tenant, but we have not seen much of that.
Barracuda offered a similar product to PhishER but …
PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign.
I can definitely tell you where it’s more suited, because we haven’t come across any less appropriate scenarios. But definitely in regard to how we centrally manage our user space and our endpoints, it’s been beneficial from an API perspective and is really transferable, with strong collaboration with our Azure stack. It works very well.
Definitely on the threat action and response. We didn't have a stress-response option before, but the dependent brand point provided it instantly. Also, it's doing UVA and machine learning, which we didn't have before. So it's definitely providing more sophisticated threat-detection capabilities than we had before.
PhishRIP info tabs (i.e. if improperly check ripped emails are turned into tests. This has caused issues.) Info tabs or markers allow user to hover and get more information about what action a check box or slider provides.
The only thing is sometimes, because Microsoft has so many platforms, it gets a little confusing, like am I in the security platform? Am I in Purview? Where am I at right now? Because there's so many sites that are kind of doing a lot of the same thing, and so that does get a little confusing from time to time, but outside of that, it's a pretty good product.
When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails.
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
I give it an eight for the feature set. While I only give it an eight because the complexity and interconnectedness of the tools mean that there needs to be quite a bit of RTFM to get the most out of the products.
Microsoft Defender for Endpoint is a great EDR to have that works quickly and silently in the background and it integrates well with other Microsoft services. As an IT manager, I can appreciate that I do not get bombarded by alerts for every small detail. On the flipside, the management site can use some work in being more clear and should be more streamlined so I'm not clicking through multiple pages to figure out what happened
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
I haven't needed to reach out to support very often, but when I have the responses have been timely and have provided the solutions I have needed. The support has been friendly and have always been able to resolve any issues that have come up.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
Harmony does not provide security awareness training or simulated phishing emails like KnowB4. However, it does provide a phish alert button & workflow similar to PhishER & we may stop using PhishER because the Phish Alert reports from PhishER don't feed into Harmony to help train it from phishing emails that go through. We got Harmony after KnowB4 because we needed a tool to PREVENT phishing emails from getting to people's inboxes in the first place, which KnowB4 has very little capability for other than PhishER+ blacklists. It is a shame KnowB4 does not have the anti threat phishing prevention like Harmony considering all the email data it has & its existing AI analytic capabilities.
Previously, we've used Sophos. We've used, way back when, McAfee, Norton, Symantec, all those. And we finally settled on Microsoft Defender for Endpoint. We're a Microsoft technology stack shop. So obviously it was natural. It's built into Windows, so we're not adding additional agents. Some of the other vendors and their agents, for a while, would compete with CPU usage. And so it actually slowed down the machines. Because Microsoft Defender for Endpoint is built into the Windows product, Microsoft is going to ensure that it does not affect the other productivity tools that a user may use.
Phish/ER & PAD: Identifying email threats more quickly allowed us to send alert to the users' community in a timely manner based on the pattern of the threat.
KnowBe4 Training Campaigns have proven to noticeably increase users' awareness.
KnowBe4 Phishing Campaigns made users realize how dangerous and deceiving hacker can be.
