Proofpoint Security Awareness Training Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
53 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.9 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-25 of 41)

Anonymous | TrustRadius Reviewer
October 24, 2019

We are happy with PSAT and would buy it again.

Score 7 out of 10
Vetted Review
Verified User
Review Source
We use PSAT across our whole company. We use the training modules with our LMS solution and the phish campaigns. The phish campaigns have had a positive influence on our users. We have almost 50% of our users using the report phish button in Outlook.
  • The report phish Outlook add-in button has had a positive influence on our users. We have many users regularly reporting suspect phish emails.
  • The templates for the phish campaigns are very up to date, using real life recent phishing attacks. This makes our phishing campaigns much more realistic.
  • The training modules from PSAT are very effective and useful with our LMS system.
  • The Azure Active Directory syncing has shown some weaknesses during upgrades to their system, requiring PSAT product support.
  • The Report Phish add-in button does not work in Outlook on shared mailboxes and O365 group mailboxes. Our shared mailboxes rank highest on our VAP list.
  • We would like to see login integration with the rest of the Proofpoint portals.
It is well suited for test phishing campaigns. Test phishing campaigns are probably our highest usage of PSAT. Second to the campaigns are the use of the training modules and integrating them with our LMS system.
Read this authenticated review
Anonymous | TrustRadius Reviewer
January 31, 2020

Proofpoint security awareness is perfect for companies looking for clear-cut metrics

Score 7 out of 10
Vetted Review
Verified User
Review Source
We use this platform as a part of our cyber-security awareness program in which we send simulated phishing emails to our employees to see if they click on the link or attachments. It is being utilized throughout the entire organization.
  • Provides plenty of usable phishing templates.
  • Clear reporting after a phishing campaign.
  • The admin interface is very intuitive and easy to use.
  • No improvement needed so far.
This product is well suited in situations where an organization is trying to gather metrics that show the success (or failure) of their cyber-security awareness program. It is not well suited in situations where organizations don't have a formal cyber-security department or someone in IT whose main focus isn't cyber-security.
Read this authenticated review
Anonymous | TrustRadius Reviewer
December 09, 2019

Great Security Awareness option....especially if you're on a tight budget

Score 7 out of 10
Vetted Review
Verified User
Review Source
We are utilizing the Proofpoint Security Awareness Training across all lines of business at this time. This platform allows us to educate our employees about various IT Security related threats that they are likely to encounter. We also use it for metrics as it relates to education improvement as well as compliance (for Cyber Security Insurance purposes).
  • The modules are easy to follow and relatively quick to complete.
  • The ability to integrate (read) data from our Active Directory really helps to import user lists into the program.
  • Good variety of domains to select from for URLs inside of simulated Phishing emails.
  • The lowest tier of Education modules is somewhat sparse. More modules are available if you select a higher one.
  • The initial setup can be a bit time-consuming to get the user lists to configure/imported (based on OU).
  • The initial setup can be a bit time-consuming to get the user lists to configure/imported (based on OU).
The Proofpoint Security Awareness Training is an ideal solution for companies trying to improve user education related to IT Security related topics. The modules are pretty easy to understand; even non-technical people can follow along without much difficulty. Depending on how your Active Directory environment is laid out (specifically your OU structure), it can be difficult to get only specific users imported. I think this is an ideal solution for a first-time Security Awareness training platform implementation. Once your users get educated on the initial rounds, you may want to increase the Tier level or inquire about alternatives.
Read this authenticated review
Anonymous | TrustRadius Reviewer
October 30, 2019

Proofpoint Security Training

Score 8 out of 10
Vetted Review
Verified User
Review Source
We use a few of their modules. i.e. PhishAlarm, ThreatSim, and CyberStrength. We use PhishAlarm to let users notify IT when they get phishing emails. These notifications get sent to all of members of a distribution list where the team will review them. We use ThreatSim to send out phishing emails to test our users on their cybersecurity education through the CyberStrength module.
  • Their CyberStrength training modules are up to date and are very relevant in today's cybersecurity world. This definitely helps us keep our users up to date with all of today's threats.
  • Their support team is great. I get a reply within an hour when I need help with something which gives me confidence in deploying training to the whole company.
  • Their phishing tests are also always up to date. This allows us to really test our users to see if they are paying attention to the training we send out.
  • Managing users is a little tricky, I hope in the next end user sync update, it automatically pulls new active users into the platform without having to run a script to start the sync process. It also needs the ability to remove users from the platform or mark the users as inactive when a user is offboarded from AD.
Proofpoint Security Awareness Training is can be used in all companies no matter the size.
Read this authenticated review
Nicole McMillian | TrustRadius Reviewer
September 20, 2019

Proofpoint Security Awareness is a MUST HAVE for your Organization

Score 10 out of 10
Vetted Review
Verified User
Review Source
Our company recently purchased Proofpoint Security Awareness to be used across our organization for security training. We realized that in order to keep our company safe it is important to educate our employees. We have been using the phishing campaigns, as well as the training modules.
We have been phishing different departments across the company to get an initial "click" rate. The week after the initial "phish" we then send the department through a training module. The third week they are "phished" again. This process has continued until the whole company has gone through this first phase. Going forward our plan is to add a Proofpoint Module to our New Hire orientation, and we plan to do Quarterly Campaigns across the organization on different security topics.
  • Proofpoint has a huge library of phishing emails to choose from. They add new examples every week.
  • The training modules are fun and interactive and keep the user engaged.
  • The posters, and downloadable materials are amazing and really give a great visual to support your security campaigns.
  • The product is easy to use, and Proofpoint Support Staff are always available to help with any issues you have.
  • After a training module is completed you will have people who have not done the assignment. I would like to see a way to auto enroll or add them to a new assignment, from the one the did not complete.
  • Mostly my issues are around the people who do not finish a training and how to make the process easier for the administrator since I am doing three of these a week it is hard to keep up with the people who do not finish or even start.
I think that Proofpoint is the best product on the market for Security Awareness Training. They make it easy, they have taken all the guess work out of it. You are supplied with everything you need to have a successful program and you don't have to be a "teacher" to do this. They have taken all of the guess work out of it.
Read Nicole McMillian's full review
Russell Koo | TrustRadius Reviewer
September 10, 2019

Proofpoint meets our needs

Score 9 out of 10
Vetted Review
Verified User
Review Source
We have used Proofpoint Security Awareness Training to educate our user community on the dangers that exist in the technology world. We have employed this training throughout the organization from the CEO on down. This addresses the need for caution in actioning potentially dangerous situations such as attachments and links. It has been very successful.
  • Provides engaging training assignments.
  • Answers user questions quickly and effectively.
  • Provides fresh new content on a regular basis.
  • Occasional issues in scrolling, depending on the browser.
  • A slightly wider array of training choices - many topics, but only a few choices per topic.
Proofpoint Security Awareness Training is ideally suited for educating non-technical staff. The training assignments convey the information clearly and succinctly, but all information is always very clear, easy to read and very easy to comprehend. We have found, with a very mobile workforce, that the training is very available and allows for quick, pointed info transfer.
Read Russell Koo's full review
Mykolas Lekavicius | TrustRadius Reviewer
September 18, 2019

Proofpoint - proves worthy and up to the point!

Score 7 out of 10
Vetted Review
Verified User
Review Source
Our company uses the Proofpoint platform to invite our employees to pass GDPR certification. The records are stored in our system, as well as we use the system to send the invitations/reminders.
  • Good support (from Mr. Kurt Werner)
  • Polite communication
  • Good price
  • Bulk management of users is very complicated and unclear
  • The overall systems are lacking integrated instructions
Well suited for mass-invitations (e.g. global company trainings)

Read Mykolas Lekavicius's full review
Dianna Moses | TrustRadius Reviewer
September 24, 2019

Happy with Proofpoint!

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Security was used by our organization for about a year. It was used to deliver security training to the entire organization. It addressed the need for training in the area of cybersecurity.
  • The Administrator interface was easy to use. It's important for users to be able to create training fast, efficiently and professionally.
  • The content was timely and relevant. Our employees really enjoyed the training!
  • The reporting function was easy to use.
  • At the time that I used the system, there wasn't an easy way to create sequential learning. It appeared more complicated than I expected.
  • To add users to a campaign you had to push the due date out. If only someone could figure out how to solve this!
Proofpoint Security is well suited for companies looking to upskill their employees in the area of cybersecurity. They really do a good job to make it fun, easy and a challenge.
Read Dianna Moses's full review
Andrew Laibrandt | TrustRadius Reviewer
September 20, 2019

Sr IT Security Analyst

Score 8 out of 10
Vetted Review
Verified User
Review Source
This training is used across the agency. We are using it to raise IT Security awareness with employees to meet HIPAA regulatory requirements.
  • Short easy to understand modules.
  • The ability to test users on the knowledge they gained.
  • The ability to execute Phishing Campaign's to validate user awareness levels.
  • The delay between user actions (completing training) and that training being posed to the reporting modules sees to exceed 24 hours at times. This causes training reminders to go out to users who have completed the training.
  • A functional API for management would be a tool that would be a force multiplier in departments such as ours that has limited staffing.
For me, the biggest tool that is missing from this platform is a management API. I was told there is one in testing and if I wanted to take part, I could email a group which I did. I never heard a response which was very disappointing.
Read Andrew Laibrandt's full review
Gus Ko, MBA, MCSA, MCDBA, CCA | TrustRadius Reviewer
September 16, 2019

Great tool to test employee security awareness

Score 10 out of 10
Vetted Review
Verified User
Review Source
It is more comprehensive than what I was expecting. The threat sims are a great at probing users awareness.
  • Threat simulation
  • Assessment exams
  • Examples
  • Ability to select any training after an assessment
  • Design an entire program including threat sim, training, and assessment
  • Notifications
Threat simulation is the most valuable part of the package. Multiple examples are given in each training module.
Read Gus Ko, MBA, MCSA, MCDBA, CCA's full review
Anonymous | TrustRadius Reviewer
September 20, 2019

Build a "Culture of Security" for under $25K!

Score 10 out of 10
Vetted Review
Verified User
Review Source
As often mentioned at Cyber Security Conferences User IT Security Awareness is a key component to your overall IT Security Program.
We’ve used a couple of different methods & companies in the past but the one we’ve found the most success with is Wombat Security Technologies (now Proofpoint).

They provide an Online Training Platform consisting of a number of IT Security Related Training Modules which we are able to distribute (or “assign”) to staff. The breadth and depth of modules goes beyond just avoiding Malware and gets into other security topics such as Data Protection and Destruction, Best Practices while Traveling, PCI-DSS and even PII/PHI & GDPR.

Rather than a single all-encompassing course, we found that small monthly modules that we dish out all year long was the most beneficial to staff to always keep “IT Security” on people’s minds (also, with this approach, as new people start with the company, they get the "security essentials" introduction but then they just fall into the monthly assignment rotation and eventually get all the modules). In addition, modules are updated as new threats emerge (like “ransomware”) so even when people get a repeat, it’s still relevant to their interests.

It was really important for modules to be short at sweet (no module takes longer than 10-15 minutes to complete) and the system will continue to remind (badger) them until they have completed the monthly assignment (note that to “complete” the course they not only have to go through the material, but they also have to achieve a “passing grade” in the interactive exercises).

The courses are “mobile responsive” and can be completed from any internet connected PC, tablet or smartphone, which allows people to do them from anywhere (this negates the complaints of that busy executive who is seldom in the office - "just do it from your phone while you are waiting in the holdroom for your next flight")

People love them and we consistently get 80%+ Participation in every monthly module among our 300 staff throughout all areas of the company (from the guys who sweep the runways to the plumbers in maintenance, to the admin staff in finance). This is because staff see the material as being not only helpful to the company, but also very relevant to protecting themselves at home.

Wombat provides you with an account rep so you can get advice on relevant topics, frequency of training, how to incent your staff, and pretty much anything cyber security related.

Our Proofpoint Package also includes access to their ThreatSIM tool so you can send out simulated phishing Emails and assess the effectiveness of your training programs (back in 2013 I did a baseline and we were 55% Susceptible to Email phishing. As of Q2 of 2019, we’re now down to 5.2% YTD, so I have tangible evidence that it’s been a huge success – besides the fact that we’ve been able to avoid widespread virus/ransomware attacks.)

  • Short Training Modules (10-15 minutes to complete)
  • Mobile Responsive (can be completed from any internet connected device)
  • Interactive (not just a video, to "complete" you need to pass the tests within the module - showing that you're paying attention and understood the material)
  • ThreatSim Testing (to validate the effectiveness of your program)
  • Reporting Tools (provide leadership & executive of performance within each department - don't underestimate the benefits of healthy competition within your organization)
  • Not ALL Modules are 100% "Mobile Responsive" yet (although they claim to be working on it)
  • Module Updates are not as frequent as hoped (although once a year seems to be about the norm)
  • The ThreatSim "Smishing" tool (simulated phishing of your users via SMS) is not available in Canada
Perfect for regular (monthly) training of staff versus a "one and done" annual assignment on Cyber Security.
Allows for a greater number of topics to be covered and for creating a "culture" of security awareness among all Staff throughout the entire company. NOT a replacement for IT Security Certifications amongst your technical staff (CISSPs & GSLCs on staff are a must have). Your Proofpoint Account Rep does most of the heavy lifting, but the program still requires "care and feeding" (resources) within your organization - preparing monthly user lists for training assignments and preparing reports for leadership on participation & progress
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Make yourself aware of Security Awareness vendors - ensure they are a good fit

Score 6 out of 10
Vetted Review
Verified User
Review Source
We use Proofpoint across the organization as our Phishiing Simulation platform. It allows us to phish our employees safely and compare the results between campaigns to measure our progress. Users can be assigned automatic training and they provide short teachable moments as well if they click on a link or other item contained in the message.
  • Teachable moments are short training aids launched for those that click on phishes
  • Training can be automatically assigned
  • Campaigns can be cloned making it easy to launch the next one using the last round's settings
  • We have struggled to get the reporting to work as well as we would like
  • The number and type of templates available could be better
  • It would be nice if the solution was more flexible for loading and removing users
For smaller companies that are trying to build their security awareness program and provide users with a foundation of security fundamentals Proofpoint may be a good fit. Once the company has a more defined program and the number of users grows, there may be more comprehensive options available. The size of the training library may be inadequate once a good base has been built.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Proofpoint Customer? Then your security awareness cannot do better than PSAT.

Score 8 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Security Awareness Training is helping us educate our end users on cyber safe behaviors. We have over 10,000 employees across 30+ countries. We have seen an improvement in cyber risky behavior since rolling a number of the tools, from phishing simulations, e-learnings, phish alarm (phish analyzer integrated with trap). It is just one part of our overall Cybersecurity Education & Awareness program, but an important one that allows us to reach all of our employees.
  • One of the most important things it does well is providing support from day one. The team is very friendly, knowledge and quick to help where need be. One of the reason's why we choice Proofpoint over other leaders in the Gartner Magic Quadrant for Security Awareness Computer-Based Training was because of its team.
  • Being a Proofpoint customer, Proofpoint Security Awareness Training's Phishi Alarm & Analyzer integration with Proofpoint tool's such as TRAP allowed us to use automation to help protect the company. The ability to turn all employees into part of the IT Security team, by reporting phish with a button in outlook and then to pull back out of all employees email if condemned, is very powerful. We are looking forward to what is to come as this relationship deepens.
  • It has a comprehensive set of resources and tools to help support a Security Awareness Program. It is nice to be able to work with one company who does many things well vs multiple partners for different aspects of Security Awareness Training.
  • The lack of a user rating on "cyber risk" is proving to be an immense difficulty. As we are looking at how to better hold our employees accountable as well as provide increased learning opportunities for those who need it most, it is becoming cumbersome--especially given the fact this is starting to become the standard for Security Awareness companies. The lack of this is resulting in a manual process vs being able to automate and moderate, thus taking up time and resources, which are always at a scarcity. It can also be cumbersome to look across the tools to see how a particular user is doing, vs being able to view all of their data in one space.
  • If you are a marketer, the editors for the Phishing Templates and Teachable Moments are quite frustrating. They feel out of date and clunky, as well as not featuring an auto-save, so you could lose the templates you are building. At this point, I have actually started to work in other email creation editors and learning HTML, to better customize and then moving all of the code into the editor. It has thus far proven to be less of a headache. I also do not believe the average user is working on branding their program, creating consistency for easy of navigation, and including additional resources in their teachable moments in the way we currently are. However, as more social science backgrounds continue to enter security awareness, I believe this will move towards the norm.
  • Some of the reporting numbers for Simulated Phishing could be better. For example, telling me how many people acknowledged the teachable moment out of the full email campaign is less meaningful than knowing how many people acknowledged it, from those who actually triggered/were shown the teachable moment.
Proofpoint Security Awareness Training is great for
  1. Simulated Phishing Campaigns
  2. Automated/Triggered Training when there is a failed campaign
  3. Phish Alarm & Trap Integration is crucial for your employee base helping report phish; TRAP helps to keep us all safer by pulling back reported phish from all employees inboxes.
It less suited for
  • Identifying those employees most at risk in your company; it does not pull together how an individual is doing across the different offerings
  • Getting training to your most cyber risky employees (because of the above)
  • Tracking & getting training to those employees who actually cause security incidents. While we are currently using Proofpoint Security Awareness training, it is a very manual process to assign this and follow up with employee
  • Annual Training: I am hopeful with the refresh of training content this will improve; the content previously was good for follow up training, but not a more engaging/comprehensive annual training
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 11, 2019

Cyber-Security Awareness Training made easy with fun interactive training modules from Proofpoint.

Score 9 out of 10
Vetted Review
Verified User
Review Source
We contracted with Wombat Security (now Proofpoint Security) to implement a Cybersecurity Awareness and Training program for all of our employees. Our goal is to raise awareness of cybersecurity threats and provide helpful ways for them to be able to identify threats (mostly phishing emails) and report potential issues to the help desk. Although we still have a few people who click on everything, most of our staff is at least aware of threats and will stop and question themselves before clicking a phishing email.
  • The online training modules are interactive and use real-world scenarios to show how threats can reach everyone.
  • The modules ensure understanding of concepts before you can move on.
  • The modules are varied in content, covering many aspects of Cybercrimes - from phishing and social engineering to Physical Security and PII.
  • Proofpoint also provides (as an option) videos and posters to further enhance awareness of potential threats.
  • Customer service is responsive when needed and having access to the Wombat online community platform allows ideas to be shared among users.
  • The platform provides options for many different reports (with some customization options), however, there are reports that I would want that are not available.
  • Adding new staff (we have a lot of turn-over) into an existing training plan can be cumbersome for the system administrator. Although End-User Sync can be set-up to "add" new users to the system, the new users still need to manually be added to the assignments and sent past assignments to complete. (NOTE: this was made more difficult because of our decision to implement a training plan the way we did).
  • Some of the ThreatSim campaigns (simulated phishing or malicious attachment emails) will only work if you are using their PhishAlarm plug-in (add-on button for Outlook, etc. for users to easily report suspected threats). Our users access email by iPhones, Android, iPads, PCs, and Macs. PhishAlarm cannot be used for all of these platforms.
A lot of our staff are not that tech-savvy. Proofpoint helps to raise awareness of possible cyber threats that come along with using technology these days. Companies that are high-tech probably have employees who are used to dealing with SPAM and Phishing attempts so they may not need to be trained on how to avoid these types of tricks.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 10, 2019

Helping our Firm stay smart against phishing threats!

Score 9 out of 10
Vetted Review
Verified User
Review Source
Proofpoint Security Awareness training is being used to send daily phishing exercises to staff here at our firm. This constantly helps our staff become better prepared against actual phishing emails they receive and helps keep our firm's information secure. It addresses the prevention of online security threats since it familiarizes our staff with the signs of a phishing email. It is used across our whole organization.
  • Ability to create personalized phishing emails in addition to the templates.
  • Good strong tracking abilities in order to see which users clicked and for what campaign.
  • A large variety of phishing templates and domain names to choose from, so our users never get too familiar with what might be coming!
  • The PDF/HTML attachment campaigns have limited ability to be customized. It would be more helpful if we could add phishing links inside the pdf attachments.
  • The HTML builder for the custom templates seems a bit limited.
  • Additional types of phishing emails would be a nice addition.
This software is well suited for a large employee environment since it can send random emails throughout the day to many users. It might be less appropriate for a smaller employee environment since there are a limited number of templates and domains that are available. It wouldn't be as beneficial if users became too familiar with the fake domain names.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 10, 2019

A sensible security training product with great support

Score 9 out of 10
Vetted Review
Verified User
Review Source
We have used other security awareness training over the past few years and decided to consolidate our security awareness training with our phishing simulation training into one product line. The training material is used throughout our organization and is short, simple, and interactive with the users. We have had more inquiries to the security team regarding how security can help them from the ProofPoint material.
  • Easy to navigate - Users had complaints about our previous security training as being hard to navigate.
  • Short and to the point - The training material is short and to the point. There are not 1000 words to read and then answer a lengthy quiz at the end. The material and the questions and answers are tightly integrated to keep the user engaged the whole time (5 - 10 minutes).
  • Relevancy - The material is relevant to the company and to their personal lives. For example, the training material regarding password managers spurred an interest in our employees to contact us to sign up for the corporate password manager.
  • Based on our current needs, user feedback, and using other solutions previously, we like the ProofPoint training material the best thus far. The ability to continue refreshing the content to make it fresh and changing the user interactions (to keep users on their toes) over time will be what we look for.
The training is great for a user base that needs high-quality content for their fundamental needs. This is what I would define as timeless content. For items regarding the most current incidents in the news, this is an area that we have not implemented into our awareness program at this time. There are times this is helpful to inform our user base what they should know, what they need to do (if anything), and having a consistent response.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 24, 2019

Employees are the first line of defense!

Score 10 out of 10
Vetted Review
Verified User
Review Source
Currently, Proofpoint Security Awareness Training is being used company-wide with a few of the courses (phishing). With the IT staff, more of the modules are being assigned. We are also assigning the Intro to Phishing to all of our third-party distributors globally. So far, we have been getting favorable reviews from the training. I've also had a few other departments assess and give feedback on a few of the modules.
  • There is nothing new under the sun. Don't reinvent the wheel when it comes to security training. It is plug and play with Proofpoint Security Awareness Training!
  • The information in the training courses is up to date. I hope they continue to update the materials!
  • Languages. This is HUGE for us. Most of the modules are available in a wide variety of languages.
  • Updating courses (2-3 year rotation) to stay current with what is in the news and addressing those topics in security training.
  • The phishing courses are great (Phil and Phyllis) but the fish and cartoons could be changed to tell the same story in a new way. What about an immunization record?
  • More availability for customization before adding modules to our LMS. Giving us the ability to add our logo or company name would be great when choosing the SCORM file route.
Phishing is a great course for us to be able to assign to our distribution partners. We have had a few phishing breaches and we recognize how important it is to educate our distributors in the field. Since we assigned the Intro to Phishing this year through Proofpoint Security Awareness, I would like to have the flexibility to assign the same course next year for new distributors as they onboard. With existing distributors, I don't feel 100% comfortable with assigned Phil and Phyllis. The cartoon fish is a bit cheesy.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 24, 2019

A fantastic opportunity to learn

Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Proofpoint Security Awareness Traning across the whole organization. We have a problem with email attacks and we are using videos, posters, education modules, and phishing attack simulation to improve our security culture. I am using all Proofpoint capabilities for more than 12.500 users.
  • It easy to use.
  • It has very interesting content.
  • Fantastic support.
  • Language - Not all translations are formally correct.
  • Normally new contents are available only in English. After 40 days, other languages are available.
  • In Italy, we don't have the possibility of using SMiShing simulation.
I think the most interesting scenario to use Proofpoint is correlated to email protection. In fact, you can use all capability with the scope to improve awareness on cyber risk derivating from email. You have a theoretical approach (education modules) and a practica/pragmatic approach (phishing simulation) to measure user ability.
The "in-depth" approach is present only for the email. Could be interesting use the same approach also for the other security domains.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

The Proof is in the Pudding

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Proofpoint Security Awareness Training to empower our user-base with knowledge and techniques to combat information security breaches both at work and at home. Proofpoint is used by the entire organization, with the IT department coordinating phishing simulations, testing, and more on a set schedule. Teaching our users how to properly avoid hazardous links, unsafe sites, and social engineering helps to make our environment more safe and keep our employee's data safe at work, and at home.
  • Great communication from Proofpoint support
  • Unbeatable reporting tools
  • Great pre-baked tests and training which help keep the users focused and interested
  • There are so many reports and statistics that sometimes it can be difficult to find the exact metric you're looking for
Proofpoint Security Awareness Training is well suited to any environment, but I think you will get the most value out of it in an environment where you have a medium to large sized user base and your users are not too familiar with the dangers of working online. Some content may seem old-hat to more tech-savvy. In our environment, it is the perfect solution.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Proof point's to the solution of employee security awareness training

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use it for Security Awareness training for our employees. This is done every month. In addition, new employees are given catch up modules to complete during their first few weeks of employment. It has definitely made employees more security conscious and they now take a step back before doing what they use to do with emails in regards to clicking on links, downloading attachments, etc. We also run phishing campaigns to keep them on their toes. We have seen significant increases in each campaign as fewer and fewer users get tricked.
  • Interesting Modules
  • Ability to sync local AD to the security awareness portal
  • Phishing Campaigns
  • Customer success managers need to play a more active role in the roll out of their products. Technical support is extremely helpful but having more knowledgeable and active CSMs would help a lot, especially for smaller companies that may not have the IT staff to assign security training to
  • Scheduled reports for active training assignments used to work really well and now are not generating anything in the reports. This has been sent to support but it's been with them for quite a while now with no success in fixing the issue. Our managers look forward to these weekly reports that I now have to generate by hand and email out
  • More training modules developed per month would be greatly appreciated. There are not many left for us to train on. We could reuse some but we'd rather have up to date modules for real world threats
I think it's well suited for all office based environments, including shop floors. Active employees such as line workers, EMTs, Firemen, Police, etc. not so much as there computer face time is severely limited.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

9 Months with Proofpoint

Score 10 out of 10
Vetted Review
Verified User
Review Source
We are currently using Proofpoint across our entire organization. In the past, even with email filtering, endpoint and UTM protection, we still had a case of ransomware. Proofpoint is not the last defense for us in that chain, but the first and best.
  • The training itself. The trainings are setup to be quick yet thorough. Users can finish them quick without feeling bogged down by information and yet given strong takeaways. Other industries could learn from their format.
  • Tools. The tools to manage the accounts, email templates, schedules, etc are well thought out. My first impression was it would add a lot of work to manage the platform, I was completely wrong about that.
  • Support. Although their online management and help interfaces are generally all you need, the amount of support I have been offered has been tremendous. They are always there to help out.
  • Email templates. The email templates can be glitchy- ie not showing the correct replacement parameters or vice versa not delivering what was shown.
  • User management. The ability to review what individual groups or users have completed would be nice.
  • Recommended path/scheduling. Although materials are provided, it would be better to have the training modules already laid out by completed and/or a recommended path. As it is, reviewing what was completed already is a bit messy.
Even hardened technology professionals can make mistakes. Proofpoint is great about teaching all of us what to be aware of, but that isn't even the core of it. Bringing a level awareness that makes us all more careful is the real message. The ongoing checks and balances is now a fundamental core of our security presence.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Proofpoint Threatsim

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Proofpoint to perform phishing exercises with the intention of raising awareness for that type of attack. Users who fall for the phish are shown educational messages about how they can better judge their emails and hopefully not fall for them in the future. There is also a phish alarm plugin for outlook that we are experimenting with.
  • We like the ability to bulk import our user lists
  • The preconfigured phish emails are convincing to the untrained eye
  • The educational messages that come with the tool are very useful.
  • We had some issues with getting accurate metrics, but support eventually helped us work it out.
It is an incredibly useful and intuitive tool for educating users in bulk. I love having the ability to quickly target groups based on location, department, or even past phishing assessment performance. All of the templates are easily configurable, although I rarely feel the need to. While this is the only tool of its type that I've tried, I have no reason to look anywhere else.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Effective but not adapted to all business contexts

Score 7 out of 10
Vetted Review
Verified User
Review Source
We use Proofpoint Security Awareness Training accross the whole organization to manage our IT security awareness campaign to all users.
It permit to sensitize about risks linked to business activities : working remotely, surfing in an unsecured way, don't be careful with personal data etc. Moreover the product permit to adress the topics related to phishing attacks, through modules, training sessions and phishing campaigns
  • Turnkey solution
  • Adaptable and polyvalent content
  • User support
  • Easy handling of the platform
  • Images (for posters, wallpapers) not really catchy
  • Visuals with too many information on it (text, explanations etc.)
  • E-learnings mainly in English, and with no audio track
Proofpoint Security Awareness training is well adapted for organizations which want to make classical IT awareness campaigns, based on posters, articles, wallpapers and e-learnings.
Their database of content related to cybersecurity and content adaptability is an advantage. It allows you to have material available on many topics related to IT security.

However, the content is mainly effective for so-called "classic" campaigns and does not necessarily adapt to the scale of large groups, with specific working contexts. It does not allow the specificity of an area to be taken into account and the way the campaign is conducted to be adapted to it. For example, more interactive and entertaining content could be an advantage over traditional e-learning.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Phishing Simulations and Information Security Training

Score 10 out of 10
Vetted Review
Verified User
Review Source
It's helping us meet compliance requirements by providing security training to all internal users at the Company, specifically focusing on phishing threats. We provide new employee as well as ongoing security training for all employees and perform phishing exercises with Proofpoint on a regular basis in order to keep information security at the forefront of all employees minds.
  • New Employee Training
  • Ongoing Information Security Training
  • Phishing Exercises
  • User management isn't the easiest to maintain
  • Reporting is good but could be better
It's appropriate if your goal is to remind employees of the importance of information security at a high level, via module training as well as phishing exercises. The phishing exercises are great, however, the reporting on them is not reliable, as because of outlook previews an email is being marked as read even when an employee deleted it or reported it.
Read this authenticated review
Anonymous | TrustRadius Reviewer
September 20, 2019

Get Wombat along with the rest of the Proofpoint security platform to ensure your company is well trained and protected

Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently use Wombat across the whole organization, it is deployed by my department (IT) to the rest of the company. We use Wombat to address phishing attempts via email to our end users as we continue to grow as a company. Pushing security awareness has become an important piece to ensure that our company stays successful and continues to push forward.
  • Phishing templates are very nice. I am looking forward to the new customization abilities that I saw at Protect 2019
  • Training modules are short but informative. Many end users would not be receptive of training modules if they were too lengthy or used too many technical terms for a non-IT end user
  • Account manager is very responsive to any questions or suggestions I may have.
  • Wombat could do a better job of providing a timeline of upcoming updates and features to the product, we don't seem to hear about them as much as we should I think.
  • I would like to see customization of training modules happen sooner than later.
Wombat is a must have if you already have Proofpoint in your environment. Aside from that, I would rate it as a better standalone product than it's two main competitors (KnowBe4 and Cofense).

Wombat could be less appropriate if your user base is solely an IT user base, aside from that I would think Wombat or any sort of security awareness software is a necessity in your business environment.
Read this authenticated review

About Proofpoint Security Awareness Training

Proofpoint Security Awareness Training (formerly Wombat Security) is designed to engage an organization's end users and arm them against real-world attacks, using personalized training based on threat intelligence.

The vendor says they have been a leader in the Gartner Magic Quadrant for Security Awareness Computer-Based Training five years in a row since its inception and are trusted by thousands of customers from the world’s largest enterprises to small and medium-sized businesses.

Proofpoint's portfolio of products include:
  • Simulated Phishing, USB, and SMS attacks
  • Knowledge Assessments
  • Interactive Training
  • Security Awareness Materials
  • Email Reporting and Analysis Tools
  • Available in 35+ languages
  • Reporting tools for business intelligence on end-user risk
According to the vendor, customers using thier solutions have reduced successful phishing attacks and malware infections by up to 90%.

Proofpoint Security Awareness Training Features

Has featureThreatSim® Simulated Phishing Attacks
Has featureCyberStrength® Knowledge Assessments
Has featureInteractive Training
Has featureSecurity Awareness Materials
Has featureBusiness Intelligence
Has featurePhishAlarm® Email Reporting Button
Has featurePhishAlarm® Analyzer Email Analysis Tool
Has featureClosed-Loop Email Analysis and Response (CLEAR)
Has featureThreatSim USB Attacks
Has featureSmishGuru® SMS Attacks

Pricing

  • Has featureFree Trial Available?Yes
  • Does not have featureFree or Freemium Version Available?No
  • Has featurePremium Consulting/Integration Services Available?Yes
  • Entry-level set up fee?Optional

Proofpoint Security Awareness Training Technical Details

Deployment Types:SaaS
Operating Systems: Unspecified
Mobile Application:No
Supported Countries:All
Supported Languages: Arabic, Burmese, Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, English (American), English (Australian), English (British), Finnish, French (Canadian), French (European), German, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, Khmer, Korean, Malay, Norwegian, Polish, Portuguese (Brazilian), Romanian, Russian, Spanish (European), Spanish (Latin), Swedish, Thai, Turkish, Ukranian, Vietnamese