TrustRadius Insights for Cofense PhishMe are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
User-Friendly Interface: Many users have praised the product for its friendly and intuitive user interface, making it easy to navigate and organize campaigns. It has been described as intuitive and has saved users time by allowing them to report phishing attempts with just a click of a button.
Customizability: The ability to customize the product has been highly valued by users. They appreciate the flexibility in creating automation rules and recipes to handle a large flow of reports. Users also mentioned that the product offers detailed whitelisting instructions and a wide variety of customizable templates.
Excellent Customer Support: Users have consistently praised the customer support provided by the company. They found the support to be great, with an outstanding account manager. Assigned professionals advising and suggesting the best approach for their user base was also appreciated. The availability of multilingual support was mentioned as a positive aspect for global companies.
We basically use it to analyse and check if any mails reported by the users are phishing mails. Well it helps us to identify any mails that might have been missed by the email services. Also we love the quick and easy response and reaction we can take once we identify a phish.
Pros
Playbooks
Rules matching
Risk Score
IOC Matching
Cons
Custom Triggers
Custom Reports
Likelihood to Recommend
Flexibility to tackle all the phishing aspects of the company.
VU
Verified User
Team Lead in Information Technology (501-1000 employees)
We give each user the ability to report any email they deem suspicious, which then gets reviewed by a team within cybersecurity. The overall depth and information provided by Cofense has significantly increased our odds of detecting a malicious threat actor. It has also freed up a lot more time for the cyber team to work on other projects!
Pros
Gives a plethora of data
Automation
Metrics
Cons
The ability to change templates on the fly. Not all emails fit a certain template and I would like to not have to reach out to a user separately but instead be able through Cofense.
Likelihood to Recommend
It is one of the more commonly used tools within our stack. Gives users peace of mind that they can send suspicious emails to those that have a bit more training in what to look for.
VU
Verified User
Employee in Information Technology (5001-10,000 employees)
We are an MSSP for Cofense PhishMe, and offer it as a managed service to our clients. We aim to solve our client's problems of poor phishing awareness and training, by offering this as a service. We run phishing simulations monthly using the platform and use the statistics it provides to create a monthly report to inform our clients about their success with training their users. Our simulations can be simple using the base templates, but we also offer customized scenarios, which use the PhishMe service to customize the details of a template and schedule and deploy the simulation to the client.
Pros
Customisation
Detailed whitelisting instructions
Flexible scheduling options
Good customer support
Detailed and accurate statistics
Cons
Cofense PhishMe could recommend current trends as templates
There could be options to have multiple clients on one accounting for a basic shared service for clients who want a cheaper option
A clearer dashboard that displays the statistics per scenario, and gives numbers of clicks/reports as well as the percentage, as the clients often want numbers as well as percentages
Likelihood to Recommend
Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
VU
Verified User
Program Manager in Information Technology (10,001+ employees)
We are using Cofense frequently to report phishing mail. It is addressing resolving reporting issues before the user reporting is very difficult and it will take time; now, it is easy to report and find the malware, but it is very time-consuming. Cofense is very helpful for auto categorizations, so it will save lots of time.
Pros
Creating the Rule for know emails.
Sending notification is very useful to forward the request to SOC team for analyzing.
Running play book is very useful and easy to resolve the issue.
Cons
In the matches we need more details.
Creating rules is very difficult.
YARA rules are not understandable.
Likelihood to Recommend
The Cofense PhishMe is well suited in all the scenarios for reporting from the end-user side. It is much easier to report to INFOSEC from the end user. In a small environment or that doesn't have owned domain, in this case, it is less appropriate to use the PhishMe. Otherwise, all the places the Cofense will support.
Amazing product for processing the reported phishing emails. Threat intelligence from Cofense PhishMe is very useful, and they have a [wide variety] of simulation templates.
Pros
Process reported phishing emails
Threat Intelligence
Phishing Simulation
Cons
AI in Cofense PhishMe protect
Future products
Integrations with other technologies
Likelihood to Recommend
Best for processing reported phishing emails.
VU
Verified User
Team Lead in Information Technology (1001-5000 employees)
Cofense PhishMe is an all-in-one solution for increasing Mail Security Awareness in the organisation. We use it to simulate phishing campaigns across different verticals in the organisation and calculate the susceptibility rate of the users to make them more aware of the indicators of compromise in phishing emails.
Pros
Phishing Campaigns
Historical Graphs for Phishing Campaigns
Security Awareness Banners
Cons
A better UI for which Cofense PhishMe is already working
More region specific domains for phishing Campaigns
More region specific scenarios for Phishing Campaigns
Likelihood to Recommend
It's a very apt tool for the scenario where there are multiple users and verticals in an organisation. Phishing Campaigns and recording their response actions is quite easier through this tool. Not suitable for a small organization (less than 500) that can maybe use some open tools or self-made emails for campaigns.
VU
Verified User
Analyst in Information Technology (5001-10,000 employees)
[Cofense] PhishMe is being used by our department in an organization-wide effort to combat our #1 Attack Vector. [Cofense] PhishMe is able to address the queue and automation of submitted emails from our users. [Cofense] PhishMe also address the necessary information needed from emails submitted by parsing accurate and relevant information in our analysts' view.
Pros
Recipe and rule matching [...] enables an advanced method to target, filter, and take quicker action on suspicious emails.
Clustering similar events [...] organize and save time on MTTD and MTTr for incidents and intervention.
Parsing critical information such as IPs, Email addresses, and URLs to help aggregate all the information into 1 single pane.
Email and HTML preview allow ease of visibility without having to download or find/fetch the original content.
Cons
Many of the URLs come in with an unknown reputation and although it may be challenging from threat intel feeds, somehow allowing a more in-depth analysis of the URL can provide better/quicker decision making or validation.
Adjustable widgets for reporting, although the provided are already built very well.
Provide in-house templates or summaries of actionable items, such as a single brief on a major phish.
Likelihood to Recommend
Attackers targeting organizations require users to reach out or speak up. When a user is able to easily report via [Cofense] PhishMe, an analyst has all the information they need from the submission to take action in their organization in seconds. Phishing scenario targeting HVTs easily is visible in the tool, mitigating future emails are easily done by correlating information collected. Also, when attachments such as dropper malware are included, it is easily identifiable by the information parsed, and the attachments are available for sandbox detonation or static/dynamic analysis. Original content is preserved and cuts down on time to take action on submitted phishing attacks.
VU
Verified User
Analyst in Information Technology (10,001+ employees)
[Cofense PhishMe] is used at Express for security awareness, security education, and protection of the organization from bad actors that are persistent and relentless in the pursuit of attacking the organization from the storefront, back office, and the C-suite.
Pros
Education
Filtering know bad.
Responding to the reporter.
Cons
Threat Intel API feeds.
Sandbox
User generated reporting.
Likelihood to Recommend
<div>[Cofense] PhishMe is well suited for [medium] to large organizations with [a] dedicated analyst that [is] continually working the findings, building new phishing campaigns and removing malicious emails from the end users mailboxes.</div><div> It is less appropriate for SMB's that have limited resources to manage the day to day usage of the product. </div>
Cofense PhishMe is being used across the entire organization. Users use the Report Phish button in Outlook to report suspicious emails, then the Cofense PhishMe triage server responds back letting the user know if the email is safe or malicious. It helps the business prevent phishing attacks and account compromises.
Pros
Quick response from triage.
Simple and easy to use.
Accurate
Cons
More automation.
Ability to work in non-outlook apps.
Likelihood to Recommend
Cofense PhishMe is a great tool for security awareness and for preventing phishing attacks. It allows users to report suspicious emails before they click them themselves.
VU
Verified User
Manager in Information Technology (1001-5000 employees)
We are using the Cofense PhishMe solution to send phishing scenarios and we are getting great results and great views in the console. The platform is easy to use and has a lot of resources. We are also using targeted scenarios from the module. Also, the LMS module provides great value to organizations as they have generalized security modules and also have gamification modules for security awareness programs. The platform is user-friendly and does not require training to use the platform. I was able to use it without any prior training. I am able to perform all phishing scenarios from the user-friendly console.
Pros
Learning
Phishing scenerios
Awareness letters
Cons
New content
Innovative
Resources for training
Likelihood to Recommend
It's well suited for any type of organization. They have content from different languages and different categories. So if you need your company to send targeted phishing scenarios to Spanish users, then they have templates in that language too. Also, we can use templates to target different departments. We are using different templates to target new hires, oversee people, and so on.
