KnowBe4 - The platform trying to wrangle the risky, messy, not as talked about, HUMAN element of IT.
December 12, 2019

KnowBe4 - The platform trying to wrangle the risky, messy, not as talked about, HUMAN element of IT.

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with KnowBe4

KnowBe4's AD integration functionality allows for fantastic user management. The ADI feature uses a service on an on-prem server to grab KnowBe4 users and then delivers that updated user listing info to KnowBe4 multiple times a day. In addition to the default features of the AD tool, it also allows for customization to import non-standard AD attributes and other information that is helpful for me to automate and organize my administrative efforts in KnowBe4.
The KnowBe4 Security Training and Phishing platform is used by our users organization-wide. We administer new hire IT security training to all new hires and and perioidically recurring security training refresher courses to all of our users. Also, all of our users have access to the phish alert button which they use to report potential phishes to us, the InfoSec team. We use KnowBe4's PhishER platform to inspect & respond to reported phishes. Lastly, we use the simulated phishing functionality of KnowBe4 to identify phish-prone users and keep our users "on their toes."

The KnowBe4 platform helps us, the InfoSec team, to bolster our first line of defense against attacks, our users, by providing high-quality training modules. It also helps us gather important metrics around phishing in regards to reported real phishes and phishing-prone percentages from simulated phishes.

Pros

  • PhishER allows us to practically address the mountains of reported phishes that come in daily - providing a quick workflow for us to determine the nature of a reported message and respond to it quickly.
  • KnowBe4's Security awareness training is a great tool not only due to its actual training content, but also its reporting functionality, AD integration functionality (incredibly valuable from an admin time saving perspective), and more.

Cons

  • I would like to see KnowBe4 expand their API functionality to also allow for easy reporting of PhishER metrics, instead of just metrics from training campaigns, org. risk scores, etc.
  • I would like to see KnowBe4 improve the technical reliability of their Training modules. It's a small percentage, but we typically hear back from a subset of users reporting that: the training campaign froze 70% of the way through, sound wouldn't work properly, a certain page of a training was improperly rendered (improperly scaled/zoomed in), etc.
  • It's difficult to track how SAT impacts ROI as they are several layers removed from one another. However, considering that our AP department has fallen victim to damaging wire fraud phishes in the past, SAT modules that cover phishing, fraud, and develop a user's general sense of skepticism and caution on the web definitely help us defend against those risks recurring in the future.
  • KnowB4's PhishER platform has dramatically improved the InfoSec department's efficiency at responding to reported potential phishing messages, therefore freeing up those labor hours to contribute to the organization in other value-adding ways.
I've used KnowBe4's support as we transitioned from manual user imports to using KnowBe4's AD integration functionality. The team was very supportive, responsive, and helpful during that process.

Do you think KnowBe4 Security Awareness Training delivers good value for the price?

Yes

Are you happy with KnowBe4 Security Awareness Training's feature set?

Yes

Did KnowBe4 Security Awareness Training live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of KnowBe4 Security Awareness Training go as expected?

I wasn't involved with the implementation phase

Would you buy KnowBe4 Security Awareness Training again?

Yes

Fresh content from KnowBe4 helps us issue refresher courses to users to further bolster our human firewall without having to bore our users with repetitive material.
Our overall security risk score is a metric that we report up to the board on a regular basis. Also, counts of users that have received new-hire training are reported up to the board on a regular basis. Lastly, we report up simulated phishing test results to the board.
If your organization is looking for a well-established, well-engineered method of delivering security training, phishing reporting capabilities, or simulated phishing to users, then KnowBe4 is a great option.

KnowBe4 may not be well suited for users at a very small shop, as budget/admin-time restraints may not make KnowBe4 pencil. However, if you have the manpower to administrate it (which isn't a necessarily tall order, but is important to consider when acquiring new bells and whistles for an IT department), then KnowBe4 is a great platform to address cybersecurity from a user's first, bottom-up perspective.

Comments

More Reviews of KnowBe4 Security Awareness Training