KnowBe4 Security Awareness Training vs. SANS Security Awareness Training

I don't have any frame of reference for comparison, but the training that I have used has proved impactful for my staff. Since starting KnowBe4 training, we've seen a great increase in the number of phishing attempts, but also a great increase in the number of attempts that have been recognized by staff, and we have thus not been the victim of phishing or other cyberattact vectors

Incentivized

SANS Security Awareness Training program would be well suited for a large organization that needs to develop multiple training programs with different courses based on the roles of the end users. It seemed a bit difficult at times to achieve simple setup processes because of the configurations tailored to larger, more complex organizations.

Incentivized

• Phish tests can be set to various difficulty levels as staff becomes more knowledgeable in catching phish emails.
• Automated phish tests and training save a lot of admin time. The product can also test for phone and USB stick practices.
• The phish alert button in Outlook, along with PhishER and PhishFlip allow easy managing and response to actual phishing emails.
• The interactive training is well designed to cover all types of phishing and safe email and phone behavior.

Incentivized

• Variety of cyber threat videos and presentations
• Web based and mobile access to the platform
• Easy to manage administrator access to configure the training sessions

Incentivized

• The provided templates for phishing simulations are mainly available in English. There are also some templates available in our native language, but their number is small. We have seen other platforms offer way more phishing simulation templates in our language.
• Although there is a really huge number of training videos available, some of them are outdated and no longer have much to offer. Some cleaning up could help in this direction.
• Although there a some games / puzzle like trainings available, we have seen other platforms offer more and better ones (on the other platforms had they had almost no videos at all...). It would help significantly to also invest in enriching the provided puzzles / games.
• We have seen other platforms offer games, where, for example, employees of the company can compete against each other while working together in groups to achieve a common goal (e.g., eliminate a fictional security threat that has "hit" the company. Plan the steps needed to be taken, take the steps one after another and have a chance to see the impact each action has. At the end the team that has suffered the least cost to end the threat is the one that wins. Just an example. The point is to make this challenging, using gamification and to make the employees part of the prevention force of the company against cybersecurity threats.

Incentivized

• Mass import of users was a bit confusing
• User interface was sometimes not intuitive
• Ability to upload custom content was difficult to use

Incentivized

Between the ease of use, cost effectiveness, functionality and continued improvements Knowbe4 continues to make it would be pretty hard to find another competitive product that wraps it all up like KnowBe4 has. Not saying it couldn't happen, but haven't seen anything that competes at this point.

Incentivized

KnowBe4 Security Awareness Training is simple to use, simple to administer, effective, with quality content. It is easy to take the training and we have the reminders set so that the longer a user puts the training off, the more frequently they will receive reminder emails. Eventually they get emailed every day until they take the training. But with a simple click, they can get into the training content.

Incentivized

There have only been a handful of outages in the 2 years we have had the product. Even during those instances, parts of the system were still operational

Incentivized

Pages load quickly, filter/sort quickly, and don't slow down or freeze. Everything is smooth and very easy to use. There are a places in the UI where you can forget how to get there, but other than that everything is great. We have had no issues using any part of the website.

Incentivized

Tech prod support is great! I did have to ask for a new customer success rep, needed a more experienced person to match my 12 years of experience running Cybersec training programs. Would suggest that more matching of rep level of knowledge to client level knowledge would help.

Incentivized

Helpful and knowledgeable account managers have helped us navigate and use the system to our full potential

Incentivized

confusing question. I inherited this application so I didnt get any formal training other than the person who was leaving. The CSM provided some later on when I asked in a zoom call

The implementation went really well and KnowBe4 was there the whole time on setup to make sure things were setup correctly. The only thing we had to figure out on our own was to script users automatically being added to security groups. So that when they sync to knowBe4 from AD they are placed into the same/correct groups.

Incentivized

KnowBe4 offered a significantly more favorable cost-benefit ratio compared to other solutions. Its seamless integration with our existing infrastructure—particularly Active Directory and email systems—was the most compatible with our operational and security requirements.

Incentivized

We actually are currently migrating to Proofpoint Security Awareness Training because of its integration with the Proofpoint email filter. This will allow us to target specific users who are clicking on bad emails with specific training material. We have used KnowBe4 in the past as well, but it was rather costly compared to SANS Security Awareness Training and Proofpoint. SANS Security Awareness Training seems to be the least easy-to-use interface from an administrative perspective compared to the other two.

Incentivized

I was not involved in the pricing, billing or contract terms.

Incentivized

The product scales greatly. As long as you upgrade the license to support the number of users you are needing, adding in those new users is easy. Also getting those users set up with trainings/campaigns is very easy as well

Incentivized

The team was great to work with and took their time to ensure that we knew what we were doing with the product and that it was set up to meet the specific needs of our organization. This wasn't just a cookie-cutter deployment, but rather they focused specifically on our needs.

Incentivized

• With the implementation of KnowBe4 Security Awareness Training, we have reduced a lot of issues of social engineering attacks like Phishing attacks, Smishing attacks, Vishing attacks, and a lot more. After implementing the KnowBe4 Security Awareness Training, we have seen a significant decrease in the clicking on a phishing email. Now users are aware of phishing attacks and they know how to react to them.
• With KnowBe4 Security Awareness Training, we got another tool Phish Alert Button that we have installed on the user's outlook and after providing training on these topics, now we are receiving a lot of spam report emails are users are protecting them from clicking and just reporting it to the IT team.
• With the Phishing test, we are seeing the growth and analyzing how our users will react in the case of a real phishing attack, and with this, we are providing more training to them and going with them as per the test report. This whole process is making our company more stronger against any type pf social engineering attack.
• After implementing KnowBe4 Security Awareness Training, we have seen a lot of improvements in the account compromise case in our company because users are not clicking on fake links now.

Incentivized

• Positive impact knowing we are educating our staff from phishing and potential cyber criminals
• Considering the potential for bad actors infiltrating our network, this is a small expense
• Pricing based on actual end users, worth the investment

Incentivized