Overall Satisfaction with Cofense PhishMe
We use it across the entire organization. It helps people better understand their susceptibility. Everyone knows that phishing is bad and we shouldn't click on bad links, yet it still happens. No amount of annual awareness training will change that. Cofense PhishMe lets people know as soon as they fell for one that they too are susceptible.
- Raw material - no need to go hunt out scenarios. There are plenty to choose from.
- Software interface makes it easy to organize a campaign.
- Reporting - it's easy to spot repeat offenders for additional phishing or individualized training.
- We like to pass each campaign by a couple of people. While I can send a test to someone, a simple workflow approval would be nice.
- You could automate user cleanup of inactive accounts a little better.
- While difficult to convert risk reduction to a dollar amount, it has achieved the goals of measuring and reducing click rates.
- Some users feel we are trying to "trick" them.
For reporter, we've used GoSecure IDR. KnowBe4 is probably the biggest paid competitor I've seen and tried a demo.
For opensource, things like GoPhish or the Social Engineering Toolkit within Kali Linux aren't bad. Both require more effort, so you either pay Cofense for ease of use or pay with your time for the others.
For opensource, things like GoPhish or the Social Engineering Toolkit within Kali Linux aren't bad. Both require more effort, so you either pay Cofense for ease of use or pay with your time for the others.