TrustRadius Insights for KnowBe4 PhishER/PhishER Plus are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Automation Efficiency: Users have expressed appreciation for the platform's automation, which saves time by responding to phishing reports automatically. This feature streamlines workflow processes and allows teams to focus on other critical tasks, ultimately increasing overall productivity.
Threat Handling: Reviewers highly value the feature that automatically evaluates and quarantines reported emails upon detecting a threat, enhancing efficiency in handling potential risks. By swiftly categorizing and isolating suspicious emails, this function prevents security breaches and minimizes the impact of malicious attacks on the organization.
Machine Learning Capabilities: The impressive machine learning capabilities of the platform are praised by users for accurately identifying safe and malicious emails in real-time, providing valuable insights into trends. This proactive approach aids in staying ahead of evolving threats and empowers users with actionable intelligence to strengthen their cybersecurity posture.
We use KnowBe4 PhishER/PhishER Plus for phishing campaigns, end-user training, and email analysis with the PhishER add-on.
Pros
Easy phishing campaign design and tracking
Quality end-user training modules
User-friendly interface to analyze reported emails
Cons
Provide an option for deeper training for users with privileged roles and system access
Allow notetaking/documentation capabilities in the PhishER platform
Likelihood to Recommend
The KnowBe4 PhishER/PhishER Plus platform has been great for our fast-growing company for the past five years. We have leaned on the platform for the majority of our phishing campaign and analysis functions. The Phish Alert Button (PAB) integration into the Microsoft Office Government Contractor Cloud High (GCCH) environment has been a pain-point for us, and it would be extremely helpful if there was a PAB option for mobile devices.
VU
Verified User
Manager in Information Technology (1001-5000 employees)
We use KnowBe4 PhishER/PhishER Plus as our primary platform for handling reported phishing emails. All emails flagged by employees across the organization are automatically routed to KnowBe4 PhishER/PhishER Plus, which streamlines the investigation process by automating certain analysis tasks. This allows our security engineers to review and respond to reported emails more efficiently.Additionally, KnowBe4 PhishER/PhishER Plus provides integration capabilities through webhooks, enabling us to share processed data with other applications. For example, we can automatically update blocklists in our email security systems based on confirmed phishing indicators.
Pros
Automated investigation and response
Webhook integration
PhishRIP capabilities
Cons
Reporting is basic
Sandboxing is not available
Possibility to assign reported mails to users for futher investigation
Likelihood to Recommend
We have observed a significant increase in the number of reported emails, and the platform continues to handle this volume effectively. Thanks to its automation capabilities, we save considerable time during phishing analysis. Additionally, the automated PhishRIP queries have proven extremely valuable by swiftly removing malicious emails from end-user mailboxes, reducing potential exposure and risk.
VU
Verified User
Analyst in Information Technology (5001-10,000 employees)
I have been a user of KnowBe4 PhishER/PhishER Plus for over three years. The product has tremendously saved our team time. It has enhanced our ability to respond to emails more quickly and efficiently if categorized a threat. KnowBe4 PhishER/PhishER Plus as I mentioned earlier saves us hours a month so we may focus on other Cyber and security items.
Pros
Categorizing the email if a threat, spam or clean
RIP function is fantastic removing the threat from users inboxes
Cons
I would if possible like to see an increase on speed when running a filter for who has a message that you may have to remove from inboxes.
Likelihood to Recommend
I believe it is suited for large and small organizations. We are an enterprise organization that relies on this as a defense against malign emails. KnowBe4 PhishER/PhishER Plus performs fantastic on quickly analyzing an email. I really do not see where there is a scenario that it is less appropriate to have in place with the daily threats that occur for every organization.
VU
Verified User
Administrator in Information Technology (1001-5000 employees)
We needed a way to pull all confirmed phishing emails out of our team's inboxes, sandbox the emails and prevent others from falling for the same email. KnowBe4 PhishER/PhishER Plus does all this and more. Protecting the weakest link in our security, us. We are notified of any suspicious emails and we are then able to take action. Sometime a user will report a legitimate email and we are able to confirm to the user that it's not a suspicious email or on the flip side, we can notify everyone if there is something going on in real time. Security is vital to us as an organisation.
Pros
Ripping out emails from users inbox if a suspicious email was sent to the entire organisation or multiple people.
Uses real emails to make templates to run phishing tests on users
Reporting on any vulnerabilities and simulated phishing tests
Cons
From a non-technical person viewpoint, easier to understand reports on the phishing attempts received by our team
Likelihood to Recommend
This product has been great for us. It ticked all the boxes for our requirements to help keep our data safe and helps with our cybersecurity insurance. When a user spots a suspicious email, it is so easy to report. We are then able to take action immediately, keeping everyone else more secure with a click of a few buttons. Works well when someone incorrectly reports an email too.
KnowBe4's PhishER is a product used to manage spam emails that bypass the email security gateway and reach end-users' email systems. PhishER helps us to manage this issue in a structured way. PhishER does it by using some tools and technologies. First, it uses an email plug-in called Phish Alert Button that installs on end-users' email clients such as Outlook. Once installed, it simplifies the email reporting process by enabling end users to report spam emails directly via the Phish Alert button. So, it makes the email reporting process easy and handy for end users. Once the email is reported, it is automatically collected on the PhishER portal, and the security team can review it. So, by this process, it saves the time and effort of security team. So, PhishER solves two of our problems: email reporting and collecting reported emails in one place.
Pros
KnowBe4's Phish Alert Button effectively collects all reported emails from end-users in one place.
The PhishML feature of PhishER effectively auto-scan reported emails using machine learning technologies, providing a tag for each email based on its body content and other aspects.
The PhishRIP feature works well by allowing the security team to create a query and quarantine all relevant emails from the end user's email system.
Cons
The PhishRIP query can be improved to find other emails apart from the reported one only.
They should provide an option to delete the quarantined emails that are quarantined by the PhishRIP feature.
The PhishML can be improved to produce more accurate results.
More options to integrate PhishER with 3rd party tools.
Likelihood to Recommend
PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign.
VU
Verified User
Engineer in Information Technology (1001-5000 employees)
We utilize KnowBe4 PhishER/PhishER Plus to Enhance our email security and to reduce the workload of our IT Department. KnowBe4 PhishER/PhishER Plus allows us to reduce the number of support tickets, emails and instantmessages we previously received related to employees asking an email was a phishing simulation or if it was a real threat. It has help us by allowing for a consistent reporting method for all emails. We also use it for automated block list management and of bad links and sending addresses. We have this configured to work with our our Microsft 365 Exchanged online environment.
Pros
Phishing email reporting and alerting
Removal of patter matched threat emails from exchange
Automated block list managment
Cons
Setup and management of Rooms could be clearer
Deployment of PhisER button not as reliable as it could be, possibly a Microsoft Exchange addin problem.
Likelihood to Recommend
KnowBe4 PhishER/PhishER Plus is a great complement to the KnowBe4 phishing simulation system as it helps to reduce the workload of tickets that the IT department receives related to simulated phishing attempts.
It also does a good job reviewing and removing reported emails that slip past Microsofts Exchange Online protections. Even with defender licenses, this is a good addition. It may not be a good fit for larger teams and there are better solutions if you have the a larger budget, but this is a great low cost enhancement for users of Microsoft 365 and KnowBe4 PhishER/PhishER Plus.
VU
Verified User
Director in Information Technology (51-200 employees)
We are using KnowBe4 for educational purposes, as well as logging phishing attempts to the orgainzation. As a small IT department, it has been a fantastic tool to get a overall vision of stengths and areas that need to be enhanced. We can then take information and provide better feedback to KnowBe4 to allow better protection against future spam attacks.
Pros
Great overall vision on how to build training and resources for better secuirty
Allows for presonalized focus on individuals and how to give them better, more focused training.
Allows to show leadership trends and patterns in graphical form
Cons
The spam control is most reliant on human interaction to make it effective. It would be nice to see some more proactive controls
The intergration with 365 has been a little more complex than it should
Likelihood to Recommend
What I like about PhisherER is that it is really easy to implement and role out to staff. The feedback is instant and really assists with with learning opportunities. Our instances of people clicking on spam or opening an email that may contain malware, keeps going down, month over month. It really is an ounce of prevention is worth a pound of cure.
KnowBe4 PhishER/PhishER Plus is our chosen solution for automated phish submission review and remediation. It allows for an AI review of submissions and automated search and removal for similar emails in our organization. This helps to remove the manual review for identifying threats and manual remediation for removing them throughout our organization.
Pros
Identifying Real Phishing Emails
Creating block lists for emails
Removing real threats from our environment
Cons
Better PhishRIP capability - some emails are missed
Better identification - less false positives
Likelihood to Recommend
KnowBe4 PhishER/PhishER Plus has removed a lot of strain on our small Information Technology team that also has to focus on many tasks. By automating the first line of review and remediation it saves time and also allows for much faster response and resolution when real threats are identified.
We use PhishER to consolidate all of our companies' reported phishing emails into one dashboard. We can then find similar messages throughout the tenant and rip them with a couple of clicks if needed. This allows us to act quickly when a malicious email hits. We also use it to notice trends and stay proactive on current malicious attacks with the Global list.
Pros
Quickly loads and catalogs reported emails.
Rip feature is fast and accurate.
Threat notifications.
Cons
It's ONLY applicable to emails reported by the end-user
The Rules and Notifications section is difficult to understand and navigate. Too complicated for what it is.
The Find Similar Messages could be more efficient in its findings based on the search criteria.
Likelihood to Recommend
KSAT template creation, rip emails, and the global list are all very useful. The best thing is that it's just really easy to see all the tenant-reported emails in one simple dashboard. This is NOT a full sandbox. The protection is on you and your end users to be successful. If they aren't active and aggressive with the Phish Alert Button, it's mostly useless.
KnowBe4 PhishER/PhishER Plus is solving a lot of problem in our organization from arranging spam reported emails to one place and for end users, it is making the email reporting process very easy.
PhishER comes with a product "Phish Alert", that is installed on the end users email system as a plug in and then it makes the reporting process easy by allowing users to report the spam email by using this phish alert plugin in just 2-3 clicks. Before the PhishER users were reporting the email by sending it to the SOC team, but this tool makes the process easy.
PhishER has a lot of inbuilt features like PhishML, PhishRIP, and PhishFlip. These features are very helpful for the organization.
PhishER also allow us to integrate it with some other third party tools such as VirusTotal and Crowdstrike and they are very helpful in the scanning process of the emails reported by end users.
Pros
PhishER excels in the spam email reporting process by enabling us to install the Phish Alert Plugin on the end user's email system. With the help of this tool, users can report suspected emails in just a few clicks, saving time for other important tasks.
The central dashboard for all reported emails. It is helping the SOC team to review all the reported emails by users in one place without missing any one.
The internal AI feature, such as PhishML, helps the SOC team by reviewing the reported email and providing a tag to that email as clean, spam, or threat.
It has a feature called PhishRIP that helps us to scan the end user email system for any suspicious emails, and then we can quarantine those suspicious emails from this portal without interacting with the end users.
Cons
KnowBe4 PhishER/PhishER is good, but there is still a chance for improvement. The PhishML algorithms need to improve to reduce the false positive results. Sometimes they say a clean email is spam and give it a big spam score.
The second issue I have faced is the limitation in the PhishRIP feature. In this, we can only query the emails reported by end users with the same name, email address, and subject line or attachments. We cannot create a query from our side to search for any different type of emails.
The third-party integrated tools do not auto-scan the emails. We need to initiate the scanning on every email, and for every link or attachment, we have to click on the scan, and then it will scan it.
Likelihood to Recommend
Knowbe4 PhishER/PhishER Plus does particularly well in the by making the spam email reporting process easy for the end users. For the SOC team it also does well to save their time and efforts by collecting all the reported emails at one place, at one dashboard. Also in the dashboard of this tool they have their own AI tool PhishML that automatically scans every reported email and provide a tag to the email as clean, spam or threat. On this basis, we can prioritize the reported emails for manual checking. KnowBe4 PhishER/PhishER Plus also have feature to integrate it with the third party tools that help us to make the security feature more better. It is does not fit well in some cases such as if you are looking to remove a suspicious emails from the end users system but it is not reported by the end user, you cannot do it. PhishRIP does not allow to do it.
VU
Verified User
Engineer in Information Technology (1001-5000 employees)
