KnowBe4 PhishER saves time
Updated December 17, 2025

KnowBe4 PhishER saves time

Aaron Leupold | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with KnowBe4 PhishER/PhishER Plus

We utilize KnowBe4 Phish ER as a secondary level of defense for our users to report suspected phishing emails that made it through the firewall. Phish ER allows me to review the reported email and confirm whether it is a threat or not. If determined to be a threat, then we are able to use Phish ER to find any other emails of the same type in other inboxes and remove them before they are opened.

Pros

  • PhishRIP
  • Machine Learning
  • Ease of use to create rules

Cons

  • Aiding the Machine Learning
  • Adjusting Automated response when ML determines threat
  • More overall Cybersecurity
  • Individual review time has been cut by at least 50%
  • Suspected threat e-mail alerts allows for faster response time.
Identified threat alerts allow the admin to take immediate action and reduce the chance of a missed threat. Additionally, when a threat is identified to be reviewed, it is separated from the rest of the e-mails to reduce the time searching for it. This reduced time searching for threats allows for more time towards training.
As yet we have only utilized PhishRIP and PhishML, which allow for the threat to be assessed as well as the threat to be removed from all users inboxes. Going forward we plan on incorporating PhishFlip and the PhishER Blocklist to expand our usage and further prevent incoming threats.
We have been able to provide faster automated responses to our users. Additionally utilizing PhishRIP keeps the company safer.
PhishER is easy to understand and easy to teach to others. This allows for greater overall usability for admin users. Additionally, with two types of configuration options you can open advanced configuration up to those that are most experienced with some coding and it helps to give better actions and responses based on developed rules.
  • Proofpoint Threat Intelligence Services
Twice we have reviewed total services between KowBe4 PhishER and their training components and compared them to Proofpoint's service and training. We still use Proofpoint for incoming email monitoring, but having PhishER and the training provides overall better options to our company and acts an added security measure to enhance our system and our people.

Do you think KnowBe4 PhishER/PhishER Plus delivers good value for the price?

Yes

Are you happy with KnowBe4 PhishER/PhishER Plus's feature set?

Yes

Did KnowBe4 PhishER/PhishER Plus live up to sales and marketing promises?

Yes

Did implementation of KnowBe4 PhishER/PhishER Plus go as expected?

Yes

Would you buy KnowBe4 PhishER/PhishER Plus again?

Yes

Phish ER is designed to be operated by both the casual/beginning user as well as the more experienced user. When creating rules, there is both a more beginner-friendly option and a more advanced coding option. Utilizing PhishRIP gives the sense of security associated with knowing that you have found and removed the discovered threats.

KnowBe4 PhishER/PhishER Plus Feature Ratings

Incident Response Platforms
9.0
Company-wide Incident Reporting
9
Integration with Other Security Systems
9
Centralized Dashboard
10
Machine Learning to Prevent Incidents
8
Live Response for Rapid Remediation
9

Configuring KnowBe4 PhishER/PhishER Plus

I like that there is an option to configure at an advanced level as well as at a lower experience level. This allows for getting newer team members involved in the process of developing rules and responses from PhishER. Having these different configuration options also allows limits on less experienced admin users, reserving more advanced options to the more experienced users.
When developing automated responses for PhishER it may be best to be more targeted in the responses. If you leave items too broad, or you only do 1-2 rules for responses it can end up being confusing to the reporting user.
No - we have not done any customization to the interface
No - we have not done any custom code
We have not done any extra configuration at this time.

Evaluating KnowBe4 PhishER/PhishER Plus and Competitors

  • Integration with Other Systems
  • Ease of Use
The initial integration was very easy to establish and even as we have migrated to 0365 and there were some adjustments needed the answers were available quickly and allowed us to make necessary changes fast. The ease of integration and continued use by our team currently makes this a hard to replace piece of our business.
I have been part of two internal reviews due to renewal of this product and I don't have any changes that I would make to that process at this time.

KnowBe4 PhishER/PhishER Plus Support

I haven't needed to reach out to support very often, but when I have the responses have been timely and have provided the solutions I have needed. The support has been friendly and have always been able to resolve any issues that have come up.
ProsCons
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
No. At this time we have not had a need for premium support for PhishER. I have been able to do any developing for rules as needed and traditional support is able to resolve any issues that may arise.
I still have this email chain saved for reference, but in early 2023 I had an issue with some welcome emails for training. Elyse was able to quickly respond, look through the notification templates that had been created and resolve the issue quickly. She was very helpful and understanding in her support.

Comments

More Reviews of KnowBe4 PhishER/PhishER Plus

  1. Home
  2. Incident Response Platforms
  3. KnowBe4 PhishER/PhishER Plus Reviews
  4. User Review of KnowBe4 PhishER/PhishER Plus