KnowBe4 Security Awareness Training vs. Proofpoint Security Awareness Training

KnowBe4 Security Awareness Training is well suited for a variety of industries and user groups. Topics range from less advanced, intermediate and advanced. I cannot think of areas of user groups that are not applicable. The best scenarios encompass common use cases for anyone who accesses the internet or uses e-mail applications.

Incentivized

Perfect for regular (monthly) training of staff versus a "one and done" annual assignment on Cyber Security. Allows for a greater number of topics to be covered and for creating a "culture" of security awareness among all Staff throughout the entire company. NOT a replacement for IT Security Certifications amongst your technical staff (CISSPs & GSLCs on staff are a must have). Your Proofpoint Account Rep does most of the heavy lifting, but the program still requires "care and feeding" (resources) within your organization - preparing monthly user lists for training assignments and preparing reports for leadership on participation & progress

Incentivized

• Many options to choose from so your users don't always see the same thing
• Provides short (around 15 minutes) training sessions so users don't have to take a lot of time out of their day to finish
• Allows for the administrator to 'customize' or brand the training to their company's brand

Incentivized

• Proofpoint has a huge library of phishing emails to choose from. They add new examples every week.
• The training modules are fun and interactive and keep the user engaged.
• The posters, and downloadable materials are amazing and really give a great visual to support your security campaigns.
• The product is easy to use, and Proofpoint Support Staff are always available to help with any issues you have.

Incentivized

• Campaigns can be a little daunting to setup.
• Some of the training is campy like the Hacker Christmas gift exchange.
• If you have mobile users they do not have a simple way to flag a potential phishing email like a laptop user can.

Incentivized

• The lack of a user rating on "cyber risk" is proving to be an immense difficulty. As we are looking at how to better hold our employees accountable as well as provide increased learning opportunities for those who need it most, it is becoming cumbersome--especially given the fact this is starting to become the standard for Security Awareness companies. The lack of this is resulting in a manual process vs being able to automate and moderate, thus taking up time and resources, which are always at a scarcity. It can also be cumbersome to look across the tools to see how a particular user is doing, vs being able to view all of their data in one space.
• If you are a marketer, the editors for the Phishing Templates and Teachable Moments are quite frustrating. They feel out of date and clunky, as well as not featuring an auto-save, so you could lose the templates you are building. At this point, I have actually started to work in other email creation editors and learning HTML, to better customize and then moving all of the code into the editor. It has thus far proven to be less of a headache. I also do not believe the average user is working on branding their program, creating consistency for easy of navigation, and including additional resources in their teachable moments in the way we currently are. However, as more social science backgrounds continue to enter security awareness, I believe this will move towards the norm.
• Some of the reporting numbers for Simulated Phishing could be better. For example, telling me how many people acknowledged the teachable moment out of the full email campaign is less meaningful than knowing how many people acknowledged it, from those who actually triggered/were shown the teachable moment.

Incentivized

No question, KnowBe4 Security Awareness Training is a great value to our organization. Properly training our users in the proper use of email and how to be aware of possible dangerous emails is incredibly important now. Also, training users in the best practices for phone calls, as well as internet browsing can prevent data or information from being stolen or exposed. Users have even benefited when using their personal devices as a result of the trainings they have received at work.

Incentivized

• The product is great for what we use it for
• We have a good relationship with our vendor/Proofpoint, which I believe is needed to be successful in Security Awareness and using tools like this
• The package/service as a whole is incredibly helpful
• The integrations with Proofpoint's Trap is one of the most valuable things we could do. It turns your entire email user base into members of IT security, to be on the look out to report cyber attacks, and have them pulled out of everyone's email if the email is condemed/found malicious.

Incentivized

The rating is, assuming, you have either used much more complex administrative panels before or you're old enough that you have a bit of wisdom. I suspect some of the youngest of today's workforce might find the administrative UI a bit old-school and difficult to make logical sense of. However, if you take it one link at a time and give yourself a day to read through their very detailed documentation, it's a very straightforward system with little room for surprises.

Incentivized

Overall, PSAT is integral to what we do. PSAT is a helpful tool to help us improve our employees ability to recognize, report, and respond to phishing. It works for us to use a longterm partner, who is incredibly helpful/supportive, and also bringing Proofpoint's greater cybersecurity & attack intelligence into PSAT. Honestly, we are pretty happy and would make the choice to go with PSAT again (we evaluated the major players in the space via Gartner's Magic Quadrant). The team behind the products are excellent and the product of itself is both intuitive and expansive. This combination allows us to reach our 10k+ employees who are located in over 20 countries

Incentivized

KnowBe4's product has always been available as needed. We have new hire orientation periodically and phishing campaigns scheduled throughout the year. KnowBe4 is like the person you hired to do a job and they just show up day after day and complete it in exemplary fashion. I think we had an erroneous report once early on, but that was due to a configuration error on our part if I remember correctly

Incentivized

Pages load quickly, filter/sort quickly, and don't slow down or freeze. Everything is smooth and very easy to use. There are a places in the UI where you can forget how to get there, but other than that everything is great. We have had no issues using any part of the website.

Incentivized

Tech prod support is great! I did have to ask for a new customer success rep, needed a more experienced person to match my 12 years of experience running Cybersec training programs. Would suggest that more matching of rep level of knowledge to client level knowledge would help.

Incentivized

Proofpoint support has always been above average. A lot of companies provide a customer service manager for your account but few have proved as connected as Proofpoint. The CSM was able to give us a good start with the product and checked in periodically. I found them always helpful with any questions and very knowledgeable about the platform.

Incentivized

They were so nice and easy to understand. They helped us with anything we didnt comprehend and made sure we understood each aspect. I would definitely recommend the in-person training for your staff that are going to be over implementing the software.

Incentivized

They explained implementation in detail and were readily available for any questions we had. The training was screen-shared and we could see what the instructor was doing as they were explaining. This really helped us to get a grip on how to handle it. I would use this training for all staff that will be over other staff, such as principles etc.

Incentivized

The implementation went really well and KnowBe4 was there the whole time on setup to make sure things were setup correctly. The only thing we had to figure out on our own was to script users automatically being added to security groups. So that when they sync to knowBe4 from AD they are placed into the same/correct groups.

Incentivized

KnowBe4 Security Awareness Training has a better platform for SAT than Proofpoint SAT and the templates are great. I compared these in 2020-2021, around the time when it was called Wombat. One nice thing that Proofpoint's SAT had is that if you also had their email security platform, it would integrate nicely.

Incentivized

All three products have the pros and cons. Since we use other Proofpoint products, TAP, TRAP, etc. the integration with PSAT is much better. The other products do not integrate with TRAP nearly as well as PSAT.

Incentivized

Reasonable per head pricing, although on the higher side when we go to scale. We have over 5000 employees including casual teachers used in schools. Would like the opportunity to negotiate better enterprise terms for our system. Overall, the impact of training justifies our move to KnowBe4 Security Awareness Training as our preferred cyber training provider.

Incentivized

The product scales greatly. As long as you upgrade the license to support the number of users you are needing, adding in those new users is easy. Also getting those users set up with trainings/campaigns is very easy as well

Incentivized

The team was great to work with and took their time to ensure that we knew what we were doing with the product and that it was set up to meet the specific needs of our organization. This wasn't just a cookie-cutter deployment, but rather they focused specifically on our needs.

Incentivized

• Our corporate culture has changed dramatically where they now take security very seriously and respond to security notifications and training positively instead of seeing it as an annoying distraction.
• We have seen a 30% improvement in our company's security awareness test results from the day we started which is HUGE.

Incentivized

• I don't have any tangible numbers to provide, but we definitely have an increase in the number of staff reporting suspicious emails and fewer people clicking on phishing emails.
• The cost we are paying per employee (<$2 pp)is low enough that we can consider this a "benefit" we offer to our employees. The knowledge gained can also be applied to your personal life with similar threats.

Incentivized