The KnowBe4 Team

“You could spend a fortune purchasing technology and services, and your network infrastructure could still remain vulnerable to old-fashioned manipulation.”
— Kevin Mitnick

Security Awareness Training

KnowBe4 Philosophy

We are happy to go against the grain.
We’re not a company that turns out bloatware year after year.
We don’t work with only the bottom line in mind.
And we feel fine with all that.

We’re a team of free-thinking techies, who look at IT security issues a little differently.
Where other IT security companies may value profits, we value, well…security.
We are not in the pocket of any of the large players.
We answer to no one but IT admins in the trenches.

Our rules are: “Do it right the first time, do it fast, and have fun while you do it”.
We work like that, because we think it’s the only way to go.
We believe that only with community can you effectively secure your domains.
We believe that as IT Admins we need to hang together, because if we don’t we will hang alone.

We’re not just a different kind of security company, we are a security company that together with you, makes a difference.

“The adage is true that the security systems have to win every time, the attacker only has to win once.”

— Dustin Dykes.

KnowBe4 delivers ‘new-school’ security awareness training combined with set-it-and-forget-it simulated phishing attacks for an extremely effective user education program.

KnowBe4 has become the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Thousands of enterprise accounts are using it, 25% of which are banks and credit unions. Based on Kevin Mitnick’s 30+ year unique first-hand hacking experience, you now have a tool to better manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks.

With this world-class, user-friendly and effective Internet Security Awareness Training, KnowBe4 provides self-service enrollment, and both pre- and post-training phishing security tests that show the percentage of end-users that are Phish-prone. KnowBe4’s unique "double-random" scheduled Phishing Security Tests keep employees on their toes with security top of mind, and can provide instant remedial online training in case an employee falls for a simulated phishing attack.

The Security Awareness Training project leader at every KnowBe4 customer gets access to user provisioning, and comprehensive pre- and post-training reporting. Every end-user gets engaging and effective training. After being trained, end-users can receive ongoing testing, with a frequency determined by you. Executives get the insight they need to maximize training ROI and track security compliance.

The KnowBe4 team has built, deployed, and supported market-leading e-learning applications and has deep roots in IT Security. KnowBe4 was started by Stu Sjouwerman, formerly co-founder of Sunbelt Software, developer of VIPRE Antivirus, which in 2010 was acquired by GFI Software, a portfolio company of the Insight Venture Partners Venture Capital Fund in New York and Boston.

KnowBe4 Infrastructure Security

KnowBe4 is an IT security company, so our cloud-based infrastructure was built from the ground up to be secure and fault-tolerant. KnowBe4 was PCI compliant from day one.

  • Our Development Group consists of software engineers that have 10+ years of experience in creating secure applications,
  • Our servers are hardened Linux machines, any critical connections all use secure sockets layer,
  • The databases are backed up daily,
  • We do not store passwords in plain-text, we use a one-way salted, peppered and 10x encrypted hash mechanism, in which passwords cannot be retrieved even if we want to,
  • Regarding the Phishing Security Tests, the data we store consists only of email addresses, and what this address has clicked on. No other data gets stored, and KnowBe4 has done everything to be secure, scalable and reliable.
  • Regarding the Vishing Security Tests, the data we store consists of the user’s name and phone number, and if they entered any information on their phone. No confidential data gets stored or reported.
  • As the phishing tests only use standard email/web protocols, and do not include any actual malware, KnowBe4 phishing tests will not introduce any vulnerabilities into your systems.

Note: our infrastructure runs on the Amazon Web Services (AWS) cloud which has the following certifications:
“AWS has achieved ISO 27001 certification and has successfully completed multiple SAS70 Type II audits. We will continue to obtain the appropriate security certifications and conduct audits to demonstrate the security of our infrastructure and services.” More about AWS certifications and accreditations here: http://aws.amazon.com/security/

Compliance with Safe Harbor Data Privacy Laws

KnowBe4, Inc. Safe Harbor Privacy Policy
To provide an adequate level of protection for Personal Data received from the European Union (EU), the European Economic Area (EEA) and Switzerland, KnowBe4, Inc. (“KNOWBE4” or “the Company”) adheres to the Safe Harbor Principles developed by the United States Department of Commerce and the European Commission and Switzerland. This Safe Harbor Privacy Policy (the “Policy”) sets forth the privacy principles that KNOWBE4 follows when processing Personal Data received from the EU, the EEA or Switzerland. The privacy principles in this Policy are based on the Safe Harbor Principles referenced above. To learn more about the Safe Harbor program, and to view KNOWBE4’s certification, please visit http://www.export.gov/safeharbor/.

