Skip to main content
TrustRadius
KnowBe4 PhishER/PhishER Plus

KnowBe4 PhishER/PhishER Plus

Overview

What is KnowBe4 PhishER/PhishER Plus?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and…

Read more
Recent Reviews

Phishing Hero!

10 out of 10
March 13, 2024
Incentivized
We use KnowBe4 PhishER with our KMSAT. KnowBe4 PhishER is basically helping us to resolve our biggest security problem and that is …
Continue reading
Read all reviews

How KnowBe4 PhishER/PhishER Plus Differs From Its Competitors

Time Savings

With KnowBe4 PhishER, we freed up incident response analysts' time to focus on more critical threat emails and associated mitigation actions. This has freed up analyst time, and they can now spend it on projects and security training, primarily related to cloud security technology. PhishER's quick …
Continue reading

Time Savings

By handling 75% of emails that are reported with the PAB, analyzing and replying to the reporter without intervention, KnowBe4 PhishER has saved us hours and hours of handling and research time. Even the 25% or less amount of emails we have to manual review are quicker because KnowBe4 PhishER has …
Continue reading

PhishER Capabilities

We have attempted to utilize PhishRIP, but I'm not sure it's found a lot of duplicates to pull from our email. We also utilize the KnowBe4 PhishER Blocklist and PhishML. We have not turned on PhishFlip at this point.
Continue reading

Time Savings

It's pretty simple. It saves time by managing whether emails are threats or spam. If a user clicks on a suspicious email and Knowbe4 knows that, then a technician doesn't have to review the email.
Continue reading

Time Savings

Everyday we are getting phishing, spam, and clean emails reported via the KnowBe4 phish alert button. Auto resolving spam and clean emails help us prioritize and streamline our response to valid phishing emails. This frees up our team for blocking real threats and investigating emails that might …
Continue reading

PhishER Capabilities

We use PhishRIP, PhishFlip, and PhihsER Blocklist. These tools help us keep everything in one place. PhishRIP pulls threats that were reported by users via the Phish Alert Button from other mailboxes to keep these from getting clicked on. PhishFlip helps us use real phishing emails as phishing …
Continue reading

Time Savings

As my team gets more used to using the PAB, they are less likely to reach out to me specifically to ask about security issues or phishing emails. Users are able to report issues without taking time to write a message, and can trust that if I need to see it I will.
Continue reading

PhishER Capabilities

I am currently using PhishRIP to collect and search for malicious emails. I am looking into other capabilities but am still working through onboarding myself and my team fully.
PhishRIP has helped me cut down on noise for email reporting and helps me be proactive in trying to quarnatine emails from …
Continue reading

Time Savings

With KnowBe4 PhishER's capability of recognizing threats when they are reported, the reports are automatically processed and employees receive real-time feedback to the reports they have made without us having to intervene. The automatic resolution of threats has been a huge timesaver, because it …
Continue reading

PhishER Capabilities

We are using PhishRip, and the blocklist capability currently. Being able to utilize the efforts of all employees to create a comprehensive blocklist has been great. The ability to search for threats and RIP them from inboxes has also been a huge help. Finding those identified threats and removing …
Continue reading

Time Savings

Instead of depending on individuals to alert our security team and handling incidents one email at a time, we can see & manage threats at the organization level, even removing them before one of our team members even sees an email.
Continue reading

Time Savings

We're able to have potential phishing emails go to a centralized dashboard. There, they can sit while we assign a rating and the possibility of a phishing attempt. This saves our organization time and energy so we can focus on the critical side of business. We're also able to let users know …
Continue reading

Time Savings

Considering that the company has more than 30,000 employees, the number of phishing emails received daily is very high. Only thanks to the KnowBe4 PhishER was it possible to manage the workload automatically, efficiently and quickly, drastically reducing the number of users who click on malicious …
Continue reading

PhishER Capabilities

My organisation have implemented the PhishML machine learning that allow to automatically categorise email and react based on type of category and tags, creating rules and actions is easy to respond to the users if the emails is a threats or spam or clean. We use also the PhishFlip very useful to …
Continue reading

Time Savings

It has saved a lot of time in terms of reporting emails from our user side and from the security team perspective as well. We got a centralized dashboard where we can see all reported emails instead of looking for reported emails in the outlook. With the AI feature of KnowBe4 PhishER, it is …
Continue reading

PhishER Capabilities

We have implemented PhishML for automatic categorization of reported emails. We have PhishRIP to see how many number of other users have received the same phishing email that one user reported, so that we can quarantine all emails. PhishFlip is helping us to test our users based on a real phishing …
Continue reading

Time Savings

KnowBe4 PhishER has allowed us to focus on other core security related issues by allowing users to report emails and having KnowBe4 PhishER identify what type of threat the email is and what must be done with it. We can then go through a update any we believe were incorrectly identified, but this …
Continue reading

PhishER Capabilities

We have implemented PhishRIP as it easily allows KnowBe4 PhishER to identify duplicate scam/phishing emails in other users mailboxes and quarantines them. We also use Blocklist regularly to ensure further emails from the same senders are blocked from our network and users mailboxes. We finally use …
Continue reading

Time Savings

The machine learning portion of PhishER does a great job of identifying good, bad, and suspicious actors and brings all of them to our attention in an easy to use dashboard. The reporting of bad actors is quick, and the response to mitigate is fast as well.
Continue reading

PhishER Capabilities

We currently utilize the PhishML to help us determine whether an email is a legitmate threat, spam, or otherwise suspicious. All without us having to individually review every submission. PhishRIP does the leg work of removing legitimate threats from all inboxes (or sub folders) automatically. …
Continue reading

Time Savings

Using KnowBe4 PhishER, our organization has streamlined the incident response process, distinguishing real threats from harmless emails efficiently. This precision has saved us substantial time, estimated at a 55% reduction in sifting through false positives. The time saved is reinvested into …
Continue reading

PhishER Capabilities

As of now, our organization hasn’t implemented any of these specific capabilities like PhishML, PhishRIP, PhishFlip, or the PhishER Blocklist from KnowBe4’s PhishER. However, recognizing their potential to automate threat remediation, transform threats into training, and customize security …
Continue reading

Time Savings

Again, don't have hard numbers but we have seen spam/malicious emails reduced, such that my team does not have to deal with them. I would estimate between a 10-20% reduction.
Continue reading

Time Savings

We have a very small team, and KnowBe4 PhishER has saved us time identifying and managing messages. With KnowBe4 PhishER, we have a comprehensive dashboard that allows us to take direct action and measures that also impact future potential attacks and attempts. Before KnowBe4 PhishER, we had …
Continue reading

PhishER Capabilities

We are using the standard capabilities of KnowBe4 PhishER, and with the help of KnowBe4 products specialists, have configured it optimally for our organization. We utilize KnowBe4 PhishER Blocklist to block undesired senders that based on their profile and messages, are obviously attacking us. We …
Continue reading

Time Savings

Yes we use the automated actions feature so that emails that are found with a high confidence to be "Clean" or "Spam" & not "Threat" are automatically resolved with an email automatically sent to the reporter notifying them of the findings. There is also an automated email sent to me in additional …
Continue reading

Time Savings

All the flagged emails from the PAB are gathered in one place. The system flags many emails using the filters and appropriately classifies them. Those it cannot automatically identify with certainly are presented into one page where I can systematically and quickly teach the system of new threats …
Continue reading

PhishER Capabilities

We have used PhishML, PhishRIP, and PhishER Blocklist. I have used PhishFliip on one occasion. The email that was flipped was too advanced of a test where all the users failed to catch it.
It has significantly reduced my time weeding through the 15,000 emails that would have come through my inbox …
Continue reading

Time Savings

Thanks to the built-in machine learning features, KnowBe4 PhishER has greatly increased our ability to identify and respond to reported emails. For example, we will automatically mark high-confidence phishing emails as malicious and begin the process to block the sender and quarantine the email …
Continue reading

Time Savings

I feel like I'm repeating myself, but it saves us time in the fact that end-users can simply submit an email for review and move on with their day where before it usually ended with a call to the Helpdesk. So this saves our end-users time and our Helpdesk's time
Continue reading

PhishER Capabilities

PhishRIP (best feature of them all by a long shot) PhishML (works for the most part, but in my experience, we have had issues with alot of false positives with the "clean" rating" PhishFlip (we've used it a couple of times, but it is not something that we utilize alot) We don't use the PhishER …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 5 features
  • Company-wide Incident Reporting (52)
    7.8
    78%
  • Live Response for Rapid Remediation (55)
    7.8
    78%
  • Centralized Dashboard (62)
    7.8
    78%
  • Machine Learning to Prevent Incidents (54)
    7.7
    77%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing

3001-5000 Monthly Pricing Per Seat

$0.50

Cloud
per month (billed annually) per seat

2001-3000 Monthly Pricing Per Seat

$0.55

Cloud
per month (billed annually) per seat

1001-2000 Monthly Pricing Per Seat

$0.65

Cloud
per month (billed annually) per seat

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.knowbe4.com/pricing-phisher

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Features

Incident Response Platforms

Incident response (IR) platforms guide countermeasures against a security breach and deploy preplanned, automated threat responses

7.6
Avg 8.5
Return to navigation

Product Details

What is KnowBe4 PhishER/PhishER Plus?

PhishER is a platform for managing the high volume of potentially malicious email messages reported by users. With automatic prioritization of emails, PhishER aims to help InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.

PhishER is a web-based platform with critical worksteam functionality that serves as a phishing emergency room to identify and respond to user-reported messages. With PhishER, users are able to automate the workstream of 90% of reported emails that are not threats, freeing up incident response resources.

PhishER is available as a stand-alone product or as an optional add-on for KnowBe4 customers that want to automatically prioritize and manage potentially malicious messages that were reported through the KnowBe4 Phish Alert Button. PhishER Plus is an upgraded subscription level that includes all of the features from PhishER with additional enhancements and AI-validated crowdsourced data. PhishER Plus was developed to help supercharge an organization’s email security defenses. It does this by automatically blocking phishing attacks that traditional Security Email Gateways (SEGs) miss and removes these missed threats from users’ inboxes.

KnowBe4 PhishER/PhishER Plus Features

Incident Response Platforms Features

  • Supported: Company-wide Incident Reporting
  • Supported: Integration with Other Security Systems
  • Supported: Centralized Dashboard
  • Supported: Machine Learning to Prevent Incidents
  • Supported: Live Response for Rapid Remediation

Additional Features

  • Supported: Automatic Message Prioritization

KnowBe4 PhishER/PhishER Plus Screenshots

Screenshot of This is a diagram of the PhishER workflow. Reviewing the PhishER workflow before getting started will provide an understanding of how PhishER, PhishRIP and PhishFlip work.Screenshot of The Reports screen will display five different dashboards of information.Screenshot of When entering the PhishER platform, the first screen that appears is the Dashboard. Here, a quick overview of the PhishER platform will appear.

KnowBe4 PhishER/PhishER Plus Video

Introduction to PhishER

KnowBe4 PhishER/PhishER Plus Integrations

KnowBe4 PhishER/PhishER Plus Competitors

KnowBe4 PhishER/PhishER Plus Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

KnowBe4 PhishER/PhishER Plus Downloadables

Frequently Asked Questions

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.

Cofense Triage, Infosec IQ, and Proofpoint Threat Response Auto-Pull are common alternatives for KnowBe4 PhishER/PhishER Plus.

Reviewers rate Company-wide Incident Reporting and Centralized Dashboard and Live Response for Rapid Remediation highest, with a score of 7.8.

The most common users of KnowBe4 PhishER/PhishER Plus are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(160)

Attribute Ratings

Reviews

(1-5 of 5)
Companies can't remove reviews or game the system. Here's why
July 28, 2023

KnowBe4 PhishER is the Bees Knees!

KO
Krystal Otten
Security Engineer
TCS Education System (Education Management, 1001-5000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We love PhishER because it works to combat our phishing email issue. I think the most notable feature of the product is that it actually takes the phishing and malware emails we receive and pulls them out of users inbox. It is very beneficial. The other feature I find extremely beneficial is the Virus Total score to decide whether an email is malicious or not.
Pros and Cons
  • Identifies the difference between Clean and Threat emails.
  • Pulls out emails from other users mailboxes that contain the same info as phishing email.
  • Enables you to customize the platform to closely relate to your company.
  • Honestly I can't think of anything!
Likelihood to Recommend
KnowBe4 PhishER is great at detecting threats before they even reach our users mailboxes. Since human error is so prevalent, this is a huge help. The tool also does a great job of setting to the side the ones it is unsure about. I like this because it does not pull out emails from our users unless it is extremely sure it contains a threat.
KnowBe4 PhishER/PhishER Plus Feature Ratings
Incident Response Platforms (5)
100%
10.0
Company-wide Incident Reporting
100%
10.0
Integration with Other Security Systems
100%
10.0
Centralized Dashboard
100%
10.0
Machine Learning to Prevent Incidents
100%
10.0
Live Response for Rapid Remediation
100%
10.0
Return on Investment
  • Isolating email threats
  • Seizing phishing emails before they become an attack
  • Leaving more time open on our team to work on other tasks
Time Savings
KnowBe4 PhishER has saved my organization time and money by reducing/eliminating the amount of threats that enter our user's mailboxes. It is a sad truth, but if all the threat emails would have actually gotten sent out, our users would have clicked on them.
PhishER Capabilities
We have implemented Phish ML, PhishRIP, and Phish ER Blocklist.
These features have impacted my organization by working together to create a perfect offensive tool. Most tools these days are defensive, but i feel like this one does so much better at preventing the problems to begin with.
Alternatives Considered
None.
Other Software Used
Product Configurability
10
I feel the configurability is just right for this type of product! The tool was working great without configuring small details, however, it works even better now. I am able to create the email responses from scratch for THREAT, SPAM and CLEAN sent to end users after they report phishing email. These emails can be set to be coming from whatever sender you’d like (my company uses IT Services). Another feature is the Blocklist where i can add a malicious sender’s email address, a URL, or a File Hash. You can then configure to sync with Microsoft 365 mailboxes. I also like that I can use the pre-determined tags and/or create my own to apply to the messages. Not only can you create the tags, but you can also use those tags to define the classification (THREAT, SPAM or CLEAN) each email receives!
Configuration Lessons
My recommendation would be to take the time to carefully configure the tool based on your company’s preferences. Doing so will result in a very accurate data presentation.
UI Customization
Some - we have done small customizations to the interface
Extensibility and Customization
Some - we have added small pieces of custom code
I have not added custom code myself yet.
July 26, 2023

Phish ER to the rescue

SW
Steve Wingate
CISO (Chief Information Security Officer)
Ventra Health (Financial Services, 1001-5000 employees)
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We have a high rate of items reported via Phish ER (approximately 1000 a month) for a department of 2 people.
We setup rules in Phish Alert to respond to the most common items reported.
We have also setup rules to all the InfoSec team to focus on those emails that have not been responded to and/or actual threats.
By utilizing Phish ER we have been able to take reduce the amount of time spent addressing items report from 2 hours a day down to < 20 minutes.
Additionally with the recent update to allow us to push blocks to M365 we are seeing a large reduction in the number of spam and scam emails.
Pros and Cons
  • Minimal false positives
  • Ease of use in defining and designing flows
  • Ease of use in defining and designing response templates
  • Reporting - the reports in place are useful but allowing for more details would be helpful
  • More Quick Actions
Likelihood to Recommend
Ease of implementation.
Time savings.
Use in identifying trends.
KnowBe4 PhishER&#x2F;PhishER Plus Feature Ratings
Incident Response Platforms (5)
94%
9.4
Company-wide Incident Reporting
80%
8.0
Integration with Other Security Systems
100%
10.0
Centralized Dashboard
90%
9.0
Machine Learning to Prevent Incidents
100%
10.0
Live Response for Rapid Remediation
100%
10.0
Return on Investment
  • Time saved has allowed for concentration in other areas.
  • Response time to users has increased InfoSec profile in the company, making it easier to sell other initiatives. Also, this makes users more likely to report things
  • The ability to see threats in 1 area allows for better recognition of trends or large scale attacks.
Time Savings
The automated responses with low cases of false positives has allowed my team to focus on the actual threats and/or unknowns. This has promoted users to be more willing to report things.
PhishER Capabilities

We have implemented - PhishER Blocklist.
This has helped reduce the amount of spam/scams that are getting to users.Very valuable.
Alternatives Considered
In looking at other products I didn't find any that were as integrated with our email process.
We did implement Tessian as an email filtering/security product but I feel PhishER provides functionality that other email security tools cannot provide.
Other Software Used
Product Configurability
10
Just right.
Easy to get up and running quickly
Configuration Lessons
Turn on Phish ER but wait to setup the automation tasks until you have reviewed your data to group and rollout types of emails.

UI Customization
No - we have not done any customization to the interface
Extensibility and Customization
No - we have not done any custom code
Additional Customization Considerations
None - the available features met our needs
Users and Roles
3
Information Security
Information Technology


Support Headcount Required
2
Members of the InfoSec team with experience in email security.
Business Processes Supported
  • Ability to automate responses to users that report emails.
  • Reporting and classification of reported emails.
  • Integration with M365 to allow for adding emails, attachments, etc. to block list.
Innovative Uses
  • Training users on legitimate emails and proper communications.
  • Finding large scale phishing attacks.
  • Understanding and reporting on most common scams/phish being seen by users.
Future Planned Uses
  • Use the data gathered to recognize frequent reporters.
  • Use data gathered to understand common domains, etc. for DMARC and SPF implementation
Likelihood to Renew
10
Phish ER has reduced the time my team and I spend on reported emails by over 80%. With the volume of emails reported and a small team this is a must have.
Products Replaced
No
Key Differentiators
  • Integration with Other Systems
  • Ease of Use
We have made reporting emails via Phish Alert a cornerstone message in our Awareness program, so anything we implemented had to work with the Phish Alert button.
Evaluation Lessons Learned
I wouldn't change anything. The evaluation was straight forward and we chose to move forward with the best product.
Support Rating
9
Responses to questions were answered quickly and accurately.
Premium Support
I'm not sure if we purchased a premium support option. I don't think so.
Bug Resolution
No
Exceptional Examples of KnowBe4 PhishER&#x2F;PhishER Plus Support
I've had multiple support cases opened that I not only received an answer to the problem in question but also details on best practices that improved the underlying process.
Usability
10
The product is easy to setup, use and maintain. The product is stable and performs as expected
Easy Tasks
  • The rules are easy to define and implement.
  • The actions provided a way to create the email flows that I wanted.
  • The templates are easy to design and allow for all the content that I wanted.
Difficult Tasks
  • None
July 25, 2023

Automated Email and Incident Response Solution!

Verified User
Employee in Information Technology
Mechanical Or Industrial Engineering Company, 501-1000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use KnowBe4 PhishER as part of our email analysis when users report emails to the team and also have some visibility what users report and how often. Some business problems this product addresses is the need to free up team resources to review emails on a daily basis. Another problem this product addresses is that it creates additional flexibility within the overall workflow. For example, when a ticket needs to get created internally for review, it's just one click of a button. This product helps automate some of our tasks that would normally be a manual effort.
Pros and Cons
  • Provides high level reporting
  • Integration with ticketing system such as Jira
  • The flexibility of creating rules that align with various workflows
  • Easy to use interface
  • The number of action items could be expanded to include more functionality
  • The option to schedule reports and send to various team members to eliminate the need to go into the console on a weekly or monthly basis
  • Additional widgets to expand the dashboard functionality
Likelihood to Recommend
The KnowBe4 PhishER is a great product that integrates well with the KnowBe4 security education platform and Jira service desk. Those two integrations make the general workflow effortless for someone who is in the product on a daily basis. This reduces manual work and allows our team to be productive and work on other projects.

This product also gives the team visibility on what is being reported and help determine if the email reported is localized or widespread throughout the organization. Meaning, depending on how many people report an email based on location and job roles.

This solution is well suited for an organization or team who would like to automate the guess work of determining if a email is a phish, spam, or safe. Additionally, have that one click response to the user who reported to get additional insight on if they did respond to the email or clicked on that was determined to be a real phishing email.

KnowBe4 PhishER&#x2F;PhishER Plus Feature Ratings
Incident Response Platforms (5)
78%
7.8
Company-wide Incident Reporting
70%
7.0
Integration with Other Security Systems
80%
8.0
Centralized Dashboard
60%
6.0
Machine Learning to Prevent Incidents
90%
9.0
Live Response for Rapid Remediation
90%
9.0
Return on Investment
  • Freed up team resources with automation
  • Real time data on email reporting
  • Resolve incidents in a timely manner
  • Response and communication capabilities
Time Savings
PhishER has definitely saved our team and organization by utilizing the machine learning functionality within the solution. What use to take 30 minutes or more now takes less than 5 minutes. The benefits that it brings to our organization is freed up team resources, increased our confidence levels to determine real threats, and overall security posture throughout the organization. As this works alongside the security education platform, we are able to use phish-flip to turn active phishing attacks into safe templates into a learning opportunity.
PhishER Capabilities
Our organization has implemented PhishML, PhishRIP, PhishFLIP to help automate remediation of known threats from our users' mailboxes. We found these capabilities to very useful and help with our education and remedial efforts. Having used this capabilities allows the team to have a good insight on what emails are being reported as well as get another review on them as well.
Having reviewed and currently using these capabilities has spread general awareness not only to our team but our entire organization. We have noticed increased communication from our users and everyone wants to help report suspicious emails and let this solution further help with the analysis. We have found that our overall phish-prone percentages have gone down since the implementation of PhishFlip. Additionally, this reduces some of the risk that the organization once had.
Alternatives Considered
PhishER is my opinion is an industry leader when it comes to a tool for email analysis and remediation. This solution has a solid interface to use and understand its functionality. Additionally it has easy integrations with other security products that make this appealing for organizations in most industries. Overall, we are pleased with PhishER and complements the security education platform very well to have nearly that all in one solution.
Other Software Used
Product Configurability
10
I believe the configurability for this product is somewhat limited as it related to the number of actions that can be configured. At the time of this writing, the total number of configurable actions allowed is eight.

There are times when I am reviewing emails and don't have the correct action available. Having additional action buttons would help the automation process. This is something that has great potential and I find it very useful and reduces time for my team.
Configuration Lessons
When configuring KnowBe4 PhishER in your environment it is often considered best practice to evaluate your current environment and understand how this would fit into your current security stack. One of many benefits of having PhishER is the opportunity to automate repetitive tasks saving you and the team countless hours of reviewing emails.

UI Customization
Some - we have done small customizations to the interface
We have made some small customizations to the interface that helps us automate repetitive tasks and free up team resources to work on other project. For the most part, it was straight forward and easy to do with minimal effort.

Some examples are creating custom email workflow rules, enabling additional actions for communication purposes, add additional tags for certain emails.
Extensibility and Customization
No - we have not done any custom code
Additional Customization Considerations
PhishER is customizable to fit into most environments and can be a huge time saver for the responsible team(s). Having PhishER is another great tool that can give an "Eyes on Glass" approach to email monitoring and see how your users respond to emails. Having creating the different emails tags does help with reporting and give you a good overall visual on emails within your environment.
July 25, 2023

KnowBe4 PhishER is Best in the Business

MR
Matthew Reedy
Server Adminstrator
MidwayUSA (Retail, 501-1000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Use KnowBe4 PhishER for users to submit tickets to our helpdesk team. We have automation setup to process findings and pass the emails to the correct tech's for investigation.
Pros and Cons
  • Custom Rules for Phishing Emails
  • Custom Reports for IT and Exec
  • Integrate with other Phishing providers
  • More control on their rules or be able to script more
  • Allow to remove emails from exchange server if they are phishing emails
Likelihood to Recommend
Allowed us to automate our phish reporting for users and to catch the emails quicker with out a lot of time reviewing emails.
KnowBe4 PhishER&#x2F;PhishER Plus Feature Ratings
Incident Response Platforms (5)
88%
8.8
Company-wide Incident Reporting
80%
8.0
Integration with Other Security Systems
80%
8.0
Centralized Dashboard
100%
10.0
Machine Learning to Prevent Incidents
90%
9.0
Live Response for Rapid Remediation
90%
9.0
Return on Investment
  • Helped to reduce the time to respond to emails for tech's
  • allows helpdesk to work with users and not take away from Exchange Admin's
Time Savings
Being able to setup rules for emails that come in and deal with quickly has been a major help for us. To get the first email triage it and then take care of any of the other emails like this comes in to automate the process.
PhishER Capabilities
We have implemented KnowBe4 PhishER Blocklist so far and will be testing ML and Flip shortly.
Saved us time and money with reducing labor of repeated incoming emails.
Alternatives Considered
Yes, KnowBe4 stands up to the largest of vendors.
Other Software Used
Product Configurability
8
KnowBe4 has a lot of features and easy to configure for admin's. Adding the report button was the toughest part because there were so many different ways to deploy it to everyone. Once we figured out the direction the company wanted to go we hit the ground running and got the buttons installed in 30 minutes.
Configuration Lessons
Make sure that you know what types of products you want to install button. It makes the installations easier. PhishER is great and has help cut down time with rules that process emails that are submitted with out our admin's having to touch each email that comes in.
UI Customization
Some - we have done small customizations to the interface
Once we had a little tour of PhishER we saw what we could do with the rules and customizations to make our lives easier. Start small and add as you go. We still need to tweak the customizations every couple of months because things change.
Extensibility and Customization
No - we have not done any custom code
Additional Customization Considerations
Being able to customize some of the rules and action are great for us. Not just an out of the box piece of software that you can't fit to your business.
Users and Roles
10
Server, Network, HelpDesk and Management use this product.
Support Headcount Required
5
Users in the Server and HelpDesk teams use PhishER and need to know some basic email and filtering rules.
Business Processes Supported
  • Reporting emails from Outlook
  • Rules to automatically take care of emails that come in regularly
  • Rules to let the user know what is going on and not have a black hole that these email end up in.
Innovative Uses
  • Lets us know when our Health Provider starts sending out emails to user, so we can notify users of this email and that its not spam.
  • Helps us reward users that report emails that most to help protect our company
Future Planned Uses
  • Looking in some custom coding to send scams and virus email to other vendors for deep inspections
  • Notify supervisors about their users and who clicks on everything for safety training.
Likelihood to Renew
10
We really like the cost and the coverage that PhishER brings to the company and being able to over lap with our email provider and spam filtering vendors has been a huge help.
Products Replaced
No
Key Differentiators
  • Scalability
  • Integration with Other Systems
  • Other
Being able to report emails and create rules to automate these was the biggest factor.
Evaluation Lessons Learned
Being able to do so much with PhishER has made us question other vendors and why they aren't already doing what PhishER already does. That we use PhishER on top of what other vendors do because it's more customizable.
Implementation Rating
10
Work with support or rep for some basic steps, the rest is pretty straight foward.
Implementation Details / Implementation Partner
  • Implemented in-house
Implementation Phases
No
Change Management Lessons
Change management was minimal
Implementation Issues
  • Yara Rule Editor was the only issue we encountered
Support Rating
9
Support has been easy to get along with and easy to understand.
Premium Support
We didn't purchase premium support because the product is very easy to use.
Bug Resolution
No
Exceptional Examples of KnowBe4 PhishER&#x2F;PhishER Plus Support
Doing some customizing on our rules, support was able to listen to our needs and send us an example of what we needed promptly. Then they followed up with some suggestions to add to it like some other companies had already done.
Usability
10
Very easy to use and able to customize it to our companies needs and changing needs monthly.
Easy Tasks
  • Phish button is the best thing we have used
  • Rules are setup and changed around all the time depending on our environment
Difficult Tasks
  • Yara Rule Editor was a little tough to understand but it didn't take long.
  • iPhone users button to be able to
Mobile Interface Availability and Impressions
Yes
It works well, iPhones have a little issue with interface but it's manageable.
Ease of Integration
9
PhishER is easy to intergrate with other providers but some of the other vendors don't play nice with PhishER
Systems Integrated With
  • Proofpoint
  • Microsoft Exchange Online
Getting the systems to talk to each other was the toughest part, after that it was easy to update and exchange information.
Future Integration Plans
  • Exchange 2019
  • Other Email Vendors
  • Mail Relay
Some vendors support integration and some your have to manipulate it to work with powershell or coding.
Types of Integration
  • File import/export
  • API (e.g. SOAP or REST)
  • AppExchange or similar marketplace
Powershell
Integration Lessons Learned
Know your vendors and talk to them about integration before you try to integrate PhishER.
July 25, 2023

KnowBe4 PhishER - Two Fins Up

CM
Cuyler McCoy
Senior Systems Engineer
PayrHealth LLC (Hospital & Health Care, 51-200 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
With today's growing phishing attack surface, the need for a reporting and management system is inevitable. Manually managing phishing responses is cumbersome and downright unsafe. KnowBe4 PhishER allows us to quickly and safely manage our phishing reports.
Pros and Cons
  • Detailed Phishing Indicators
  • Automatic Categorization of Phishing Emails
  • Multi-Admin Workflow
  • Automated Responses
  • Setup a bit tricky out of the box. I prefer self-service setups that are easy to use, but KnowBe4 PhishER does offer great service for their products.
Likelihood to Recommend
KnowBe4 PhishER is suited for any decently sized organization. No matter the business, phishing is a severe threat today.
KnowBe4 PhishER&#x2F;PhishER Plus Feature Ratings
Incident Response Platforms (5)
60%
6.0
Company-wide Incident Reporting
N/A
N/A
Integration with Other Security Systems
100%
10.0
Centralized Dashboard
100%
10.0
Machine Learning to Prevent Incidents
N/A
N/A
Live Response for Rapid Remediation
100%
10.0
Return on Investment
  • Less time coordinating phishing response
  • Less time investigating reports
  • Mitigating phishing risk more effectively
Time Savings
The PhishER identification tags are vital to our response team. The tags help us prioritize threats over spam or false positive reports.
PhishER Capabilities
PhishML, PhishRIP, and PhishER blocklist
All capabilities allow us to centrally manage our phishing response. Before we would have to manually track down emails in Microsoft's Security console, wasting a lot of time. All capabilities allow us to easily manage our phishing threats.
Other Software Used
Product Configurability
9
KnowBe4 PhishER is flexible. The configuration can be as simple or complex as you like. They also offers support for configuring the instance to your organization's specific needs.
Configuration Lessons
Talk with your rep to ensure you are using the software to its fullest potential.
UI Customization
Some - we have done small customizations to the interface
Setting up workflows for your team is important. Having specific workflows for our criteria is helpful. Configuring quick actions also saves us a lot of time.
Extensibility and Customization
No - we have not done any custom code
Additional Customization Considerations
N/a
Users and Roles
160
Information technology (reviewers) and end users (reporters)
Support Headcount Required
1
Information Technology with a focus on security
Business Processes Supported
  • Security
  • Ransomware Mitigation
  • Malicious email tracking
Innovative Uses
  • Automated workflows
  • Automated responses
Future Planned Uses
  • Machine learning
Likelihood to Renew
10
KnowBe4 PhishER fits nicely into their product suite. It is both affordable and useful.
Products Replaced
No
Key Differentiators
  • Cloud Solutions
  • Integration with Other Systems
  • Ease of Use
Ease of use is important for small businesses that don't have many resources to dedicate to a complicated solution.
Evaluation Lessons Learned
I wouldn't change anything
Support Rating
10
KnowBe4 support is attentive to our needs. Our requests and concerns are always processed quickly.
Premium Support
No, the support is included in our current contract
Bug Resolution
No
Exceptional Examples of KnowBe4 PhishER&#x2F;PhishER Plus Support
They assisted us with setting up the more handy features, like quick actions.
Usability
7
The configuration is a bit complicated, but easy once you get the hang of it. Once configured, it is easy to manage our malicious emails that are reported by our staff.
Easy Tasks
  • Quick actions
  • Link tracking
Difficult Tasks
  • Initial setup
Return to navigation