KnowBe4 PhishER/PhishER Plus

Score9 out of 10

247 Reviews and Ratings

What is KnowBe4 PhishER/PhishER Plus?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.

Categories & Use Cases

Media

how PhishER Plus enables a critical workstream to help IR teams work together to mitigate the phishing threat and is suited for any organization that wants to automatically prioritize and manage potentially malicious messages.

Centralized Dashboard
A central dashboard provides analysts with a clear look at the most important data
Category average: 8.4
Live Response for Rapid Remediation
Live remediation response allows incident responders to initiate remediation from anywhere over secure connection
Category average: 8.1
Machine Learning to Prevent Incidents
Incident prevention powered by machine learning with no human intervention
Category average: 7.8

Integration with Other Security Systems
Pre-built integration with other security systems like SIEM and threat intelligence
Category average: 7.1
Company-wide Incident Reporting
Built-in enterprise-level ticketing system to leverage the knowledge of the entire workforce, not just the security team
Category average: 7.3

Stephen Rilee View profile

Senior Director Information Technology in Information Technology at Empire Communities (501-1000 employees employees)

Use Cases and Deployment Scope

We have been using KnowBe4 for our security awareness training for 4 years, and it has met or exceeded our expectations. As cybersecurity threats continue to evolve, it’s crucial to equip employees with the right knowledge to identify and prevent attacks—and KnowBe4 makes that process seamless, engaging, and effective. I recommend KnowBe4 to any organization looking to enhance security awareness, reduce human error, and strengthen their cybersecurity posture. It’s an essential tool in today’s cyber-threat landscape.

Pros

User Friendly
Training Modules
Phishing Simulations
Great Customer Support

Cons

More training content
Better Reporting

Return on Investment

No guessing with the PhishER
PhishRIP removes threats from other inboxes before they are a problem

Usability

Alternatives Considered

MetaCompliance

Chad Strohschein

Information Technology Lead in Information Technology at Alberta College of Paramedics (11-50 employees employees)

Use Cases and Deployment Scope

We are using KnowBe4 for educational purposes, as well as logging phishing attempts to the orgainzation. As a small IT department, it has been a fantastic tool to get a overall vision of stengths and areas that need to be enhanced. We can then take information and provide better feedback to KnowBe4 to allow better protection against future spam attacks.

Pros

Great overall vision on how to build training and resources for better secuirty
Allows for presonalized focus on individuals and how to give them better, more focused training.
Allows to show leadership trends and patterns in graphical form

Cons

The spam control is most reliant on human interaction to make it effective. It would be nice to see some more proactive controls
The intergration with 365 has been a little more complex than it should

Return on Investment

Every time a staff member doesn't click on a link or open a bad email, saves me hours. Every time!
As a single IT person in the company, having a single point of view on starting a new teaching campaign, look at stats finding out who is struggling the most is worth ever cent.
I love the fact that everything has little to no impact on the network. The integration with our email is fantastic.

Usability

Alternatives Considered

Coro Cybersecurity

Other Software Used

Microsoft 365 Business Premium, Pulseway, Cisco Duo, Sophos Managed Detection and Response

Aaron Leupold View profile

IT Business Analyst in Information Technology at AGP (1001-5000 employees employees)

Use Cases and Deployment Scope

We utilize KnowBe4 Phish ER as a secondary level of defense for our users to report suspected phishing emails that made it through the firewall. Phish ER allows me to review the reported email and confirm whether it is a threat or not. If determined to be a threat, then we are able to use Phish ER to find any other emails of the same type in other inboxes and remove them before they are opened.

Pros

PhishRIP
Machine Learning
Ease of use to create rules

Cons

Aiding the Machine Learning
Adjusting Automated response when ML determines threat

Return on Investment

More overall Cybersecurity
Individual review time has been cut by at least 50%
Suspected threat e-mail alerts allows for faster response time.

Usability

Alternatives Considered

Proofpoint Threat Intelligence Services

Other Software Used

OnBase, Tungsten Capture

Verified User

Manager in Information Technology (1001-5000 employees employees)

Use Cases and Deployment Scope

We use KnowBe4 PhishER/PhishER Plus for phishing campaigns, end-user training, and email analysis with the PhishER add-on.

Pros

Easy phishing campaign design and tracking
Quality end-user training modules
User-friendly interface to analyze reported emails

Cons

Provide an option for deeper training for users with privileged roles and system access
Allow notetaking/documentation capabilities in the PhishER platform

Return on Investment

isolating email threats more quickly and accurately
mitigating active phishing attacks impact

Usability

Alternatives Considered

Barracuda Email Protection

Other Software Used

Microsoft 365

Verified User

Analyst in Information Technology (5001-10,000 employees employees)

Use Cases and Deployment Scope

We use KnowBe4 PhishER/PhishER Plus as our primary platform for handling reported phishing emails. All emails flagged by employees across the organization are automatically routed to KnowBe4 PhishER/PhishER Plus, which streamlines the investigation process by automating certain analysis tasks. This allows our security engineers to review and respond to reported emails more efficiently.Additionally, KnowBe4 PhishER/PhishER Plus provides integration capabilities through webhooks, enabling us to share processed data with other applications. For example, we can automatically update blocklists in our email security systems based on confirmed phishing indicators.

Pros

Automated investigation and response
Webhook integration
PhishRIP capabilities

Cons

Reporting is basic
Sandboxing is not available
Possibility to assign reported mails to users for futher investigation

Return on Investment

Freed up resources by automating analysis and auto block list updating
Quarantined malicious mails in employees mailboxes which led to NO compromise

Usability

Other Software Used

CrowdStrike Falcon, CrowdStrike Falcon Identity Protection, Cisco Secure Email Threat Defense

Infosec IQ

Proofpoint Threat Response Auto-Pull

Cofense Triage

KnowBe4 PhishER/PhishER Plus

What is KnowBe4 PhishER/PhishER Plus?

Categories & Use Cases

Media

Key Features

Top Performing Features

Centralized Dashboard

Live Response for Rapid Remediation

Machine Learning to Prevent Incidents

Areas for Improvement

Integration with Other Security Systems

Company-wide Incident Reporting

Reviews

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Alternatives Considered

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Alternatives Considered

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Alternatives Considered

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Alternatives Considered

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Other Software Used

Related Products