Loading...
KnowBe4 logo

KnowBe4

knowbe4.com ↗ Enterprise 2 sectors

About KnowBe4

KnowBe4 is a Gartner Magic Quadrant Leader (December 2025) delivering the HRM+ (Human Risk Management) platform combining security awareness training, cloud email security (via Egress acquisition), and AI Defense Agents (AIDA). The platform includes Defend (inbound threat protection), Prevent (outbound DLP), Protect (encryption), and PhishER Plus (incident response). AIDA Orchestration provides fully autonomous phishing simulations adapting to individual risk profiles. Trusted by 70,000+ organizations with 13+ million users contributing to global threat intelligence. Users reduce risk scores by 3x with AIDA. Best for organizations prioritizing human-layer security with integrated email protection.

Why Notable

Global SAT leader; 70,000+ customers

Sector Coverage

Email Security: Evaluation & Deployment

Gartner MQ Position (Dec 2025) Leader
Gartner Peer Insights Score 4.4
Deployment Model API-based
Pre-Delivery Blocking Yes
MX Record Required No
Deployment Speed Minutes with native M365 integration
Supported Platforms Microsoft 365, Google Workspace
Admin Console Unified HRM+ Console
Licensing Model Per-user subscription
Licensing Notes Modular: Security Awareness Training, Cloud Email Security (Defend/Prevent/Protect), PhishER Plus
Primary Market Mid-market, Enterprise
MSP Support Yes - Partner Portal

Feature Coverage

2025-2026 Updates

15% malicious email increase (2025) full Tracking threat evolution
84% AI-based attacks detected full Advanced AI threat detection
Defend user base doubled (2025) full Rapid cloud email growth
KnowBe4 Deployment Center full Rapid product deployment tool

AIDA

Advanced reporting by role full AIDA includes reporting views aligned to organizational roles and executive audiences.
Executive reports full Executive-focused reporting is included in the AIDA experience.
Behavioral-data aggregation full AIDA leverages behavioral data across KnowBe4 products.
SmartRisk engine full Uses SmartRisk to prioritize risk and adjust interventions.
Automatic risk prioritization full Automatically prioritizes user risk.
Target-right-users logic full Targets the right users without manual analysis.
Adjust interventions automatically full Adapts interventions over time.
Goal-driven multi-agent model full Agents work individually and collectively under goal-driven model.
Continuous risk assessment full Continuously assesses human risk.
Personalized phishing delivery full Automatically delivers personalized phishing tests.
Personalized training delivery full Automatically delivers training at the individual level.
Adaptive interventions full AIDA uses adaptive interventions to scale human risk management.
Autonomous next-best action full AIDA uses autonomous next-best action to scale human risk management.
Cross-product signal fusion full AIDA uses cross-product signal fusion to scale human risk management.
Individualized testing cadence full AIDA uses individualized testing cadence to scale human risk management.
Individualized training cadence full AIDA uses individualized training cadence to scale human risk management.
Human-risk automation full AIDA uses human-risk automation to scale human risk management.

AIDA AI Agents

3x risk score reduction full Demonstrated improvement with AIDA
8 production AI agents (2026) full Comprehensive autonomous agent suite
AIDA Orchestration full Fully autonomous phishing simulation and training management
Custom SAPA Agent full Tailored security awareness measurement
Deepfake Training Agent full Custom deepfake training with organization leaders
PhishML Insights full AI email threat classification with confidence thresholds
SmartRisk Agent full 316 indicators across 37 factors for risk scoring

AIDA Orchestration

AIDA Orchestration full Moderator agent coordinating the other AIDA agents.
Continuous campaign orchestration full Continuously evaluates risk and triggers next-best action.
Auto-created phishing simulations full Automatically creates phishing simulations.
Auto-assigned training full Automatically assigns training.
Reinforcement triggers full Automatically triggers reinforcement based on need.
Per-user risk-profile tailoring full Actions are tailored to each user’s unique risk profile.
Admin guardrails via Plans full Admins set boundaries for testing frequency and training limits.
Training limits in Plans full Plans control training caps and boundaries.
User-group policies in Plans full Plans can define group-specific policies.
Autonomous execution within guardrails full AIDA executes on its own within defined boundaries.
Always-on HRM system full Designed to replace manual campaign management with continuous operation.

API & Integrations

KSAT Graph API full API access for Security Awareness Training.
KSAT product API token full KSAT APIs authenticate using product API token.
Read-only API token full Supports read-only token creation.
Read/write API token full Supports read/write token creation.
JSON API responses full API returns JSON by default.
PasswordIQ Graph API full API access for PasswordIQ.
PhishER Graph API full API access for PhishER.
SecurityCoach Graph API full API access for SecurityCoach.
KSAT iPaaS integrations full Allows integration-platform-based workflow automation.
Automated awareness workflows full Supports automated security-awareness workflows.
Groups data management full Integration flows can manage groups.
Users data management full Integration flows can manage user data.
Phishing data workflows full Integration flows can manage phishing data.
Training data workflows full Integration flows can manage training data.

Administration & Governance

Security Roles full Role-based administration for KSAT.
Least-privilege admin model full Restricts access by user group and permission level.
AIDA inherited permissions full AIDA agents inherit permissions from existing security roles.
Subscription details view full Account Information shows subscription details.
Organization information settings full Admins can update company name and organization info.
Business-hours setting full Account settings support business-hours configuration.
Console time-zone setting full Account settings support time-zone configuration.
Placeholders in phishing templates full Organization info populates phishing templates.
Placeholders in landing pages full Organization info populates landing pages.
Placeholders in training notifications full Organization info populates training notifications.

Cloud Email Security

Contextual warning banners full Real-time user education on suspicious emails
Defend - Inbound Protection full AI-powered anti-phishing for BEC and zero-day attacks
Native M365 integration full Minutes-to-deploy architecture
Patented contextual ML full Machine learning adapting to communication patterns
Prevent - Outbound DLP full Misdirected email and data exfiltration detection
Protect - Email Encryption full End-to-end encryption with policy enforcement
Inbound threat protection full Cloud Email Security blocks inbound phishing and malware threats.
Outbound email protection full Suite includes outbound protection against user error and data leakage.
Behavioral AI full Uses behavioral intelligence to detect advanced email threats.
Self-learning threat models full Models adapt over time to improve detection accuracy.
Business Email Compromise detection full Designed to detect BEC and impersonation threats.
Ransomware detection full Detects ransomware-related email threats.
Human-risk adaptive controls full Continuously assesses human risk to adapt policy controls.
Data-exfiltration prevention full Stops unauthorized data exfiltration via email.
Information barriers full Can enforce barriers to meet compliance requirements.
Live threat intelligence full Uses live threat intel and analytics to drive controls and training.
Microsoft 365 integration full Cloud email-security layer integrates with Microsoft 365.
Immediate value deployment full Positioned as fast to deploy in Microsoft 365 environments.
Mac support for M365 deployment full Microsoft 365 integration supports Mac users.
OWA support for M365 deployment full Microsoft 365 integration supports Outlook Web Access.
Layered M365 protection full Designed to catch threats Microsoft 365 misses.

Compliance Plus

600+ compliance modules full Compliance Plus includes hundreds of training modules.
HIPAA training content full Supports legislative and privacy training such as HIPAA.
PCI training content full Supports PCI-related compliance training.
GDPR training content full Supports GDPR and privacy training.
Customizable content full Admins can incorporate their own policies and procedures.
Brandable modules full Training can be branded for the organization.
SCORM-compliant content upload full Admins can upload SCORM-compliant training and video content.
Learning aids full Includes newsletters, documents, posters, and reinforcement materials.
Short interactive modules full Uses short interactive modules to improve engagement.
Automated compliance campaigns full Supports fully automated compliance training campaigns.
Integrated with KnowBe4 training platform full Uses the same platform as security awareness training.
Privacy training full Library includes privacy-focused content.
Ethics training full Library includes ethics training.
DEI training full Library includes diversity, equity, and inclusion training.
Workplace safety training full Library includes workplace safety content.
Anti-discrimination training full Content teaches what discrimination looks like and how to stop it.
Harassment training full Covers sexual harassment and related topics.
Unconscious-bias training full Includes unconscious-bias topics.
Microaggressions training full Includes microaggressions topics.
Protected-characteristics training full Includes protected-characteristics topics.
Manager-specific compliance guidance full Includes manager actions for respectful workplaces.
Multiple content publishers full Library sources material from multiple publishers.
Real-life simulated scenarios full Uses realistic scenarios in content.
Multiple media formats full Supports different types of media format.
Reinforcement materials full Includes materials to reinforce training outcomes.
Business ethics training full Compliance Plus includes content covering business ethics requirements and employee behavior.
Harassment prevention training full Compliance Plus includes content covering harassment prevention requirements and employee behavior.
Data privacy training full Compliance Plus includes content covering data privacy requirements and employee behavior.
Workplace conduct training full Compliance Plus includes content covering workplace conduct requirements and employee behavior.
Protected characteristics training full Compliance Plus includes content covering protected characteristics requirements and employee behavior.
Manager responsibilities training full Compliance Plus includes content covering manager responsibilities requirements and employee behavior.
Policy awareness training full Compliance Plus includes content covering policy awareness requirements and employee behavior.

Defend

Inbound email contextual analysis full Evaluates inbound email context before delivery.
Relationship analysis full Assesses sender-recipient relationships to identify anomalies.
Message-content analysis full Inspects message content for threat signals.
Pre-inbox analysis full Analysis occurs before email reaches the inbox.
Future-breach actionability full Allows admins to identify and act on later-discovered breaches.
External sender banners full Adds banners to emails from outside the organization.
Colored threat banners full Banner colors indicate associated threat level.
Four banner categories full Supports four default banner-category levels.
Impersonation-attack detection full Detects spoofed domains and look-alike sender identities.
Real-time impersonation alerts full Highlights impersonation attacks to users in real time.
Sender-relationship awareness full Warns when mail appears to come from someone users have not previously contacted.
Supply-chain health insight full Threat intelligence includes supply-chain and sender-context insight.
Threat-type insights full Reporting includes attack-type, threat-level, authentication, and interaction detail.
Actionable dashboards full Simplified dashboards help admins prioritize impersonation risks.

Egress / Cloud Email Security

Egress acquisition completed full KnowBe4 completed the Egress acquisition in July 2024.
Human Risk Management integration with Egress full Acquisition was positioned as strengthening HRM with AI-driven email security.
Cloud Email Security added to HRM+ full KnowBe4 says Cloud Email Security products were added to HRM+ after the acquisition.
Leader-positioned email-security portfolio full KnowBe4 publicly positions acquired Egress email security within its broader email-security platform story.

Free Tool

Phishing Security Test full Free phishing test offering.
SecurityCoach Preview full Preview tool for coaching.
Training Preview full Preview of training content.
Program Maturity Assessment full Free human-risk assessment tool.
Weak Password Test full Free password-security assessment tool.
Compliance Training Library preview full Free preview access for compliance content.
Domain Spoof Test full Free email-spoofing/domain assessment tool.
Email Exposure Check Pro full Exposure/breach-check tool.
Domain Doppelgänger full Free domain-lookalike assessment tool.
RanSim full Ransomware-simulator tool.
BreachSim full Breach simulation tool.

KnowBe4 HRM+

HRM+ platform full AI-driven human risk management platform spanning awareness training, cloud email security, anti-phishing, coaching, compliance training, and AI agents.
Security Awareness Training full Core awareness-training capability for changing user behavior against phishing and social engineering.
Cloud Email Security full Email-security suite that dynamically adapts controls based on human risk signals.
Anti-Phishing full Phishing-response and pre-emptive anti-phishing capability centered on reported-email workflows.
Real-Time Coaching full Behavior-based coaching layer that delivers immediate feedback when risky actions are detected.
Compliance Training full Integrated compliance-training library and campaign capability.
AI Defense Agents (AIDA) full AI-native agent suite that automates and personalizes human risk management workflows.

PasswordIQ

Password vulnerability monitoring full Monitors users’ password-related vulnerabilities.
AD password-setting scan full Scans Active Directory password settings.
Breached-password comparison full Compares passwords against breached-password datasets.
Weak-password comparison full Compares against weak-password lists and databases.
Dashboard integration full Displays scan results in KSAT dashboard.
On-prem AD requirement full Requires on-premises Active Directory.
Entra ID incompatibility full Does not support Microsoft Entra ID.
Hashed-password handling full Never displays unhashed user passwords.
Product enablement via Account Integrations full Enabled from KSAT Account Settings.

Phish Alert Button

Phish Alert Button full Lets users report suspicious email from supported mail clients.
Optional send-us-a-copy setting full Reported non-simulated emails can be forwarded to KnowBe4 and designated addresses.
Multiple PAB instances full Supports more than one PAB instance.
Selectable PAB version full Admins choose which PAB version to configure.
Microsoft 365 Defender integration toggle full Microsoft PAB version can enable Defender integration.
Automatic PAB activation for Google full Google PAB can support automatic activation.
Account-integrated enablement full PAB is enabled from account integrations settings.

PhishER

SOAR platform for reported email full PhishER is a SOAR platform that manages user-reported emails.
Reported-email inbox full User-reported emails flow into the PhishER Inbox.
Customized rules engine full Rules analyze email components for malicious content or red flags.
Tagging engine full Emails receive tags when rules match.
Tag-triggered actions full Tags trigger automated actions.
Automatic dispositioning full Platform can automatically disposition messages.
PhishER Blocklist full Blocks similar malicious or spam emails from reaching inboxes.
PhishRIP full Removes similar malicious or spam emails already in inboxes.
PhishFlip full Turns reported emails into KSAT phishing templates and campaigns.
Malicious-element removal for PhishFlip full Cleans malicious elements before reusing emails in training.
Third-party analysis integrations full Integrates with analysis tools such as VirusTotal and Syslog.
Standalone deployment full PhishER can be used standalone.
Combined KSAT workflow full PhishER works best when integrated with KSAT.
PhishER workflow onboarding full Quickstart guides admins through report, identity, disposition, block, rip, and flip workflow.
Inbox management UI full Admins can view and manage reported emails in the Inbox.
Manual reports ingestion full Inbox accepts emails reported manually by users.
PAB reports ingestion full Inbox accepts emails reported via the Phish Alert Button.
Logical-expression rules full Rules use logical expressions to automate message handling.
Auto-disposition by rules full Rules can automatically disposition messages.
Auto-tagging by rules full Rules can apply tags that trigger further actions.
Rules tab management full Rules are created and managed from dedicated rules interface.
CrowdStrike Falcon Sandbox integration full Submits files and URLs for sandbox analysis and returns malware analysis reports.
Reported-email triage full Operational capability within the reported-email response workflow.
Automated tagging full Operational capability within the reported-email response workflow.
Automated actions full Operational capability within the reported-email response workflow.
Blocklist-driven prevention full Operational capability within the reported-email response workflow.
Mailbox remediation full Operational capability within the reported-email response workflow.
Training conversion from attacks full Operational capability within the reported-email response workflow.

PhishER Plus

650% first-year ROI full Demonstrated return on investment
One-click remediation full Fast threat removal across all mailboxes
PhishER Threat Intel full Real-time web threat reputation
PhishFlip full Convert real attacks to safe simulations
PhishRIP quarantine full Email quarantine integrated with M365/Google
Automated threat categorization full Uses trained analysis to identify and categorize reported emails.
One-click remediation across all mailboxes full Supports rapid organization-wide remediation.
PhishRIP-based mailbox cleanup full Eliminates threats from all mailboxes with PhishRIP.
Transforms real attacks into training full PhishFlip turns reported attacks into training simulations.
Would-have-fallen-for-it visibility full Shows which users might have fallen victim before removal.
Crowdsourced intelligence from 13+ million users full Leverages broad community reporting for protection.
Global threat intelligence full Combines crowdsourced data with KnowBe4 Threat Research Lab.
99% response-time reduction claim full Positions itself as reducing response time dramatically.
95% email-analysis time reduction claim full Promotes major analyst-efficiency improvements.
90% auto-categorization claim full Claims most reported emails are auto-categorized.
80% workload reduction claim full Claims large decrease in email-analysis workload.
650% first-year ROI claim full Promotes quantified ROI from deployment.
15% data-breach-risk reduction claim full Promotes risk reduction outcome.
Transparent decision-making full Emphasizes explainable workflows and visibility.
Customizable workflows full Supports customer-defined response flows.
Human observation plus AI analysis full Combines human reporting and AI analysis.
Global Blocklist full Uses crowdsourced reports to block threats.
Global PhishRIP full Uses crowdsourced threats to remove similar emails globally.
KnowBe4 Threat Research Lab validation full Threat feed entries are validated by internal research team.
Seamless integrations ecosystem full Publicly highlights integrations with multiple security vendors.
VirusTotal integration highlight full Vendor ecosystem highlights VirusTotal.
Cortex XSOAR integration highlight full Vendor ecosystem highlights Cortex XSOAR.
SeeMetrics integration highlight full Vendor ecosystem highlights SeeMetrics.
Cyren integration highlight full Vendor ecosystem highlights Cyren.
Blumira integration highlight full Vendor ecosystem highlights Blumira.
Revelstoke integration highlight full Vendor ecosystem highlights Revelstoke.
Swimlane integration highlight full Vendor ecosystem highlights Swimlane.
Tines integration highlight full Vendor ecosystem highlights Tines.
INKY integration highlight full Vendor ecosystem highlights INKY.
CrowdStrike integration highlight full Vendor ecosystem highlights CrowdStrike.
Fortinet integration highlight full Vendor ecosystem highlights Fortinet.
PhishER upgrade option full Available as a subscription or upgrade on PhishER.
Auto-block validated threats full Automatically blocks validated threats before delivery.
Global Blocklist mail-server connection full Connects Microsoft 365 mail server to Global Blocklist.
Global PhishRIP pre-report removal full Removes threats before they are even reported internally.
Third-party analysis tool integration full Supports tools such as CrowdStrike for added scans and evaluation.
Workflow: Report step full Documented as part of the PhishER Plus processing workflow.
Workflow: Identity step full Documented as part of the PhishER Plus processing workflow.
Workflow: Disposition step full Documented as part of the PhishER Plus processing workflow.
Workflow: Block step full Documented as part of the PhishER Plus processing workflow.
Workflow: Rip step full Documented as part of the PhishER Plus processing workflow.
Workflow: Flip step full Documented as part of the PhishER Plus processing workflow.

Platform Intelligence

13M+ global user intelligence full Crowdsourced threat detection
15 years behavioral data full Deep historical threat intelligence
70,000+ organizations full Global customer threat sharing

Portfolio Positioning

Defend product listing in corporate nav full Defend appears as a public product under Email Security.
Prevent product listing in corporate nav full Prevent appears as a public product under Email Security.
Cloud Email Security in corporate nav full Cloud Email Security is listed as core platform offering.
Crowdsourced anti-phishing positioning full Corporate positioning includes crowdsourced anti-phishing.

Prevent

Accidental-send prevention full Helps users avoid email mistakes and misdirected sends.
PII-sharing prevention full Advises on the risk of sharing personally identifiable information by email.
Historical behavior analysis full Learns user behavior trends to detect anomalies.
Domain hygiene analysis full Uses recipient-domain hygiene as part of risk scoring.
DLP rule support full Combines DLP rules with behavioral analysis.
User risk opinion full Generates an opinion on the risk level of an outbound email.
Policy engine full Policy engine decides how to act on Prevent’s opinion.
Metadata ingestion and storage full API component ingests and stores metadata for learning and decisions.
User prompts full Prompts users according to policy before risky messages are sent.
Behavior-trend learning full Prevent uses behavior-trend learning to reduce accidental email data loss.
Recipient anomaly detection full Prevent uses recipient anomaly detection to reduce accidental email data loss.
Recipient-domain analysis full Prevent uses recipient-domain analysis to reduce accidental email data loss.
Outbound DLP opinioning full Prevent uses outbound dlp opinioning to reduce accidental email data loss.
Risk prompts before send full Prevent uses risk prompts before send to reduce accidental email data loss.
Policy-driven warning logic full Prevent uses policy-driven warning logic to reduce accidental email data loss.

Protect

Secure email encryption full Provides secure encrypted email for sensitive communications.
Outlook add-in integration full Hooks into Microsoft 365 using Outlook add-ins.
COM add-in support full Supports COM add-in deployment model.
Web add-in support full Supports Outlook web add-in deployment model.
API integration full Integrates using API connectivity.
Integrated Cloud Email Gateway integration full Can integrate with the cloud email gateway layer.
Purview Information Protection integration full Uses Microsoft Purview labels to automate encryption and access controls.
Account compromise protection full Messages remain protected even if the M365 account is compromised.
Large file transfer full Supports secure large file transfer via encrypted cloud delivery.
256-bit AES encryption full Uses AES-256 encryption for stored and transferred content.
Commercial Product Assurance certification full Advertises CPA certification.
FIPS 140-2 certification full Advertises FIPS 140-2 certification.
ISO 27001 certification full Advertises ISO 27001 certification.
Malware scanning for uploaded files full Scans large-file transfers and portal uploads for malicious activity.
Secure message portal full Supports web-based secure-message workflows.
Secure supply-chain rules full Allows automated rules for trusted organizations and supply-chain communication.
Gateway encryption full Encrypts mail at the gateway.
Desktop encryption full Encrypts mail at the desktop for internal and external content.
Multi-factor authentication full Uses MFA to strengthen access security.
Automatic policy-based encryption full Can automatically encrypt messages based on policy.
Sender-initiated encryption full Users can proactively secure email.
Access restrictions full Can restrict edit, copy/paste, and local download rights.
Flexible recipient authentication full Recipients can use multiple authentication methods.
Egress credentials access full Recipients can log in with Egress credentials.
Shared-secret access full Recipients can open messages using shared secret verification.
One-click access full Recipients can use one-click access flows.
Biometric access full Supports fingerprint or Face ID access for recipients.
Microsoft identity access full Recipients can use Microsoft identities.
Google identity access full Recipients can use Google identities.
Recipient trust via machine learning full ML evaluates recipient profile, domain, location, and IT signals.
Trusted-recipient seamless access full Trusted recipients can access content with reduced friction.
User empowerment controls full Users can manage their own data-access decisions.
Policy override full Users can override policy controls when appropriate.
Real-time post-send access revocation full Users can revoke access after sending.
Time-based access restrictions full Can restrict access by time.
Geolocation-based access restrictions full Can restrict access by location.
Granular message controls full Can restrict save, copy/paste, forward, or print.
Anywhere access full Secure email can be sent and managed from Outlook, OWA, and mobile.
Security visibility reporting full Shows who sends sensitive information and whether it is accessed.
Supply-chain insight reporting full Shows top domains used for secure communication.
Usage and adoption reporting full Tracks Protect deployment usage and adoption.
Classification-label reporting full Shows top classification labels used for secure mail.
Audit reports full Tracks message access and events for investigation and compliance.
Flexible deployment options full Supports cloud, hybrid, and on-prem environments.
Standalone deployment without gateway full Can deploy without an integrated cloud email gateway.
Rapid user onboarding full Can onboard users quickly through Active Directory.
SSO support full Supports Azure AD, ADFS, and SAML SSO providers.
Protect web add-in deployment full Guide covers deployment to Microsoft 365 users.
Real-time guidance on send full Add-in delivers real-time guidance when sending emails.
Consistent protection across devices full Add-in supports OWA, Mac, and Windows.
Compose secure messages in portal full Admins/users can create secure email directly in portal.
Save secure-message drafts full Secure Message Portal supports draft saving.
Secure external communication full Protect includes secure external communication as part of secure message delivery and control.
Recipient-access audit trail full Protect includes recipient-access audit trail as part of secure message delivery and control.
Trusted-domain communication rules full Protect includes trusted-domain communication rules as part of secure message delivery and control.
Message-level rights management full Protect includes message-level rights management as part of secure message delivery and control.
Attachment protection in portal uploads full Protect includes attachment protection in portal uploads as part of secure message delivery and control.
Hybrid deployment support full Protect includes hybrid deployment support as part of secure message delivery and control.
On-prem deployment support full Protect includes on-prem deployment support as part of secure message delivery and control.
Cloud deployment support full Protect includes cloud deployment support as part of secure message delivery and control.

Security Awareness Training

Localized content in 35 languages full Training library includes localized content in dozens of languages for global programs.
AI-driven simulated phishing full Simulated phishing and training adapt to users and support ongoing awareness programs.
Enterprise-grade reporting full Reporting and analytics track program effectiveness and user outcomes.
User testing and assessments full Assessments and user testing help quantify knowledge and behavior change.
Phish-prone Percentage benchmark full Tracks phish-prone rate and program improvement over time.
KnowBe4 Learner App full Mobile learner application for users to complete training from smartphones or tablets.
Training Access Level I full Access tier for core awareness modules and newsletters.
Automated Training Campaigns full Automates training rollout and reminder emails.
Content Manager full Controls branded themes, passing score, test-out, and skip settings.
Assessments full Measures user knowledge and culture baselines.
AI-Recommended Training full Uses AI to recommend training content.
Dashboard tab full Top-level reporting dashboard for risk score and phishing results.
Risk Score widget full Widget summarizing organizational human-risk scoring.
Phishing reports full Reports on phishing campaign results and user behavior.
Campaign graph hover details full Graph drill-down shows campaign counts and user actions.
CSV report export full Reports can be generated as CSV files.
PDF report export full Reports can be generated as PDF files.
SmartRisk new-user bias tuning full Risk Score logic can now remove new-user bias when secure events occur within first 90 days.
Second Chance update cadence full Second Chance receives periodic client updates and bug fixes.
Email Exposure Check Pro report customization full EEC Pro reports can limit old breaches, ignore selected users, and mark breaches resolved.
Time Zone Source setting full Account-level choice between browser-detected time zones and manual time-zone settings.
Track SCORM interactions full Can send users’ responses in interactive SCORM activities to the LMS.
Student Edition full Student-focused awareness-training edition was added to the platform.
Dashboard design improvements full Dashboard received wider view and more consistent UI.
MobileMind integration full Integration sends KnowBe4 training data into MobileMind.
Anecdotes integration full Integration sends phishing, training, and user data to anecdotes for compliance workflows.
Okta connector integration full Integration allows reporting data use in Okta workflows.
Noetic Cyber integration full Integration pulls phishing and training data into Noetic Cyber.
Detailed phishing failure types full Standard report email now lists specific failure types such as QR code and macros enabled.
Smart Groups full Dynamic grouping capability available in console.
Language filter in ModStore full Content library filtering by language.
Free USB Test full USB-based social-engineering test tool availability.
Social Engineering Indicators (SEI) full Indicator feature introduced to support awareness reporting.
User groups view full User profile shows group membership.
Individual Phish-prone Percentage full User profile includes per-user phish-prone metrics.
Simulated phishing counts full Tracks how many phishing tests each user received.
Failure counts full Tracks failures from simulated phishing tests.
Reported-phish counts full Tracks reported simulated phishing emails.
Failure-type graph full Graph shows each user's failure types.
QR-code phishing tests full Simulates QR-based phishing attacks.
QR Code template topic full Dedicated template topic for QR campaigns.
AI-selected automated template selection full Can use AI-selected templates.
Full Random automated template selection full Can use full-random template selection.
Random automated template selection full Can use random template selection.
Specific Template selection full Can use specific template choice.
Data-entry landing pages full Can test whether users submit data after scanning.
QR-scan result tracking full Tracks scans and post-scan actions in console.
Phishing awareness content full Training library and reinforcement materials cover phishing topics as part of awareness programming.
Spear phishing awareness content full Training library and reinforcement materials cover spear phishing topics as part of awareness programming.
Ransomware awareness content full Training library and reinforcement materials cover ransomware topics as part of awareness programming.
Business Email Compromise awareness content full Training library and reinforcement materials cover business email compromise topics as part of awareness programming.
CEO fraud awareness content full Training library and reinforcement materials cover ceo fraud topics as part of awareness programming.
Password security awareness content full Training library and reinforcement materials cover password security topics as part of awareness programming.
VPN safety awareness content full Training library and reinforcement materials cover vpn safety topics as part of awareness programming.
Remote-work security awareness content full Training library and reinforcement materials cover remote-work security topics as part of awareness programming.
Social engineering awareness content full Training library and reinforcement materials cover social engineering topics as part of awareness programming.
Multi-factor authentication awareness content full Training library and reinforcement materials cover multi-factor authentication topics as part of awareness programming.
Mobile security awareness content full Training library and reinforcement materials cover mobile security topics as part of awareness programming.
Device security awareness content full Training library and reinforcement materials cover device security topics as part of awareness programming.
Safe browsing awareness content full Training library and reinforcement materials cover safe browsing topics as part of awareness programming.
Data handling awareness content full Training library and reinforcement materials cover data handling topics as part of awareness programming.
Privacy awareness awareness content full Training library and reinforcement materials cover privacy awareness topics as part of awareness programming.
Credential hygiene awareness content full Training library and reinforcement materials cover credential hygiene topics as part of awareness programming.
Deepfake awareness awareness content full Training library and reinforcement materials cover deepfake awareness topics as part of awareness programming.
QR-code awareness awareness content full Training library and reinforcement materials cover qr-code awareness topics as part of awareness programming.
Malware awareness awareness content full Training library and reinforcement materials cover malware awareness topics as part of awareness programming.
Insider-risk awareness awareness content full Training library and reinforcement materials cover insider-risk awareness topics as part of awareness programming.
Campaign summary charts full Program reporting supports campaign summary charts within the KSAT console.
User-action visibility full Program reporting supports user-action visibility within the KSAT console.
Risk-trend review full Program reporting supports risk-trend review within the KSAT console.
PDF reporting for management full Program reporting supports pdf reporting for management within the KSAT console.
CSV export for analysis full Program reporting supports csv export for analysis within the KSAT console.
Dashboard-driven insight full Program reporting supports dashboard-driven insight within the KSAT console.

SecurityCoach

Real-time coaching full Provides immediate feedback at the moment risky behavior occurs.
API-based vendor integrations full Integrates with existing security stack through APIs.
Built-in detection rules full Includes out-of-box detection rules for risky behavior.
Customizable detection rules full Security teams can customize the behaviors to track.
Coaching dashboard full Built-in dashboard summarizes coaching campaigns.
Detailed coaching reporting full Reporting shows detection rules and security events.
SecurityTips via Microsoft Teams full Can send real-time coaching tips in Teams.
SecurityTips via Slack full Can send coaching tips in Slack.
SecurityTips via Google Chat full Can send coaching tips in Google Chat.
SecurityTips via email full Can send coaching notifications by email.
Student Edition for SecurityCoach full Student-oriented coaching edition is available.
SecurityCoach release tracking full Public change log tracks new, updated, deprecated, or removed features.
Teams coaching channel full SecurityCoach supports teams coaching channel as part of real-time behavior coaching.
Slack coaching channel full SecurityCoach supports slack coaching channel as part of real-time behavior coaching.
Google Chat coaching channel full SecurityCoach supports google chat coaching channel as part of real-time behavior coaching.
Email coaching channel full SecurityCoach supports email coaching channel as part of real-time behavior coaching.
Coaching campaign summaries full SecurityCoach supports coaching campaign summaries as part of real-time behavior coaching.
Detected security event summaries full SecurityCoach supports detected security event summaries as part of real-time behavior coaching.

SmartRisk

SmartRisk Agent full Agent provides deeper analysis of organizational strengths and weaknesses.
Tailored recommendations full SmartRisk gives tailored recommendations.
Phishing-vulnerability identification full Helps identify users more vulnerable to phishing.
Training-effectiveness review full Helps review the effectiveness of awareness training.
Risk Score analytics full Provides risk-scoring capability.

Student Edition

Student Edition full Awareness-training edition for students age 16+.
Student-focused personalized training full Personalized student training and simulated phishing.
Computer and mobile device security training full Covers device-security vulnerabilities.
Password hygiene training full Covers password hygiene.
Multi-factor authentication training full Covers MFA usage.
Student phishing and social-engineering training full Covers phishing and social-engineering threats.
Social media and oversharing training full Covers oversharing risk.
Campus-scam training full Covers campus-targeted scams.
Travel and off-campus security training full Covers security for travel and off-campus activities.

Related Security Awareness Vendors

Vendor Directory
Lookup Tools
Analysis
Bulk & Enterprise
Resources
Close