Security Awareness Training

Kevin Mitnick The Word Document Exploit

Old school Security Awareness Training doesn’t hack it anymore. Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks. More than ever, your users are the weak link in your network security. They need to be trained by an expert like Kevin Mitnick, and after the training stay on their toes, keeping security top of mind. Here is your 90-second video.

Get A Quote
See A Demo

Kevin Mitnick Security Awareness Training 2015™

This is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Well over 1,500 enterprise accounts are using it, 25% of which are banks and credit unions. Based on Kevin’s 30+ year unique first-hand hacking experience, you now have a tool to better manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks.

You get high quality web-based interactive training combined with frequent simulated phishing attacks, using case-studies, live demonstration videos and short tests. Kevin Mitnick Security Awareness Training 2015 specializes in making sure employees understand the mechanisms of spam, phishing, spear-phishing, malware and social engineering, and are able to apply this knowledge in their day-to-day job. Each case study ends with its own short multiple choice test, there is a quiz at the end of the training, and trainees get a unique job-aid: Social Engineering Red Flags™ with 22 things to watch out for. Summer 2015 we added Training Campaigns which does the heavy lifting of getting users through their training.

The press loves it, InfoWorld's security Guru Roger Grimes recently reviewed KnowBe4. 

The 2015 version comes in three flavors (which you all get as part of the Silver package):

  • The 2015 full 40-minute training which is split in 4 modules that an employee can do over time;
  • A 25-minute version which goes into Advanced Persistent Threats, covers the new ransomware threat and has two new case studies; and
  • An advanced, condensed 15-minute version which specifically focuses on Advanced Persistent Threats and phishing and now is available in English, French, Spanish, German, Dutch, Portuguese, Korean, Japanese, and Chinese (Mandarin) with more languages underway.

We provide this program in three ways:

  • A Software-as-a-Service subscription running in our cloud;
  • You can load the SCORM compliant training modules in your own Learning Management System; and
  • As a fully Managed Service.

After the training, KnowBe4’s highly effective scheduled Phishing Security Tests keep your employees on their toes. From your Admin Console you are able to schedule regular Phishing Security Tests (PST for short) from our large library of known-to-work templates, or choose a template from the community templates section where you can share phishing templates with your peers.

In case an employee falls for one of these simulated phishing attacks, you have several options for correction, including instant remedial online training. You can schedule one-shot, weekly, bi-weekly or monthly simulated phishing attacks and immediately see which employees fall for these social engineering tricks. Here is some visible proof the training works over a 12-month period followed by seven example case studies.

Get A Quote See A Demo

NEW: Version 5.1 Console Features

We have just released the new V5.1 of the admin console with a host of new features.

Check out the full list of features here, or download the new 2015 datasheet (PDF).




Based on Kevin’s 30+ year first-hand hacking experience, you will get new-school web-based training and simulated phishing testing, addressing the needs of any size organization.

KnowBe4 is a market leading “Gartner Top 20″ on-demand Security Awareness Training provider that enables you to quickly address the increasingly urgent security problem of social engineering.

With world-class, user-friendly and effective Internet Security Awareness Training, KnowBe4 gives you self-service enrollment, and both pre-and post-training phishing security tests that show you the percentage of end-users that are Phish-prone. KnowBe4’s effective scheduled Phishing Security Test keeps your employees on their toes, and provides several remedial options in case an employee falls for a simulated phishing attack.

The Internet Security Awareness Training project leader at every KnowBe4 customer gets access to user provisioning, and comprehensive training reporting. Every end-user gets engaging and effective training and after being trained can receive ongoing testing. Executives get the insight they need to maximize training ROI and track security compliance. The Admin Console provides instant graphs of training effectiveness.




I’m not that much into hacking, who is Kevin Mitnick? 

During the mid nineties, Kevin Mitnick was the Most Wanted Hacker in the world, and now is a Fortune 500 Security Consultant: Based on his 30+ years of first-hand experience with hacking and social engineering, we are covering Security Awareness Training from a number of attack vectors. Your employees are going to be a much stronger ‘human firewall’ than before. Read more here: Who is Kevin Mitnick?


Do you have a datasheet in PDF format?

Sure we do. Here is the PDF.


Why is KnowBe4’s training ‘new school’?

KnowBe4′s Internet Security Awareness Training is based on 30+ years of Kevin Mitnick’s first-hand hacking experience. This is the first time that his experience is available in an online format, combined with ongoing end-user security audits called ‘Phishing Security Test’ which allows you to send regular simulated phishing attacks to employees to reinforce the training, and to immediately correct end-users if they click on a simulated phishing link.


Why do employees even need this training?

Cybercrime is moving at light speed. A few years ago, bad guys used to specialize in identity theft, but now they take over your organization’s network, infect it with ransomware, plunder your Intellectual Property, exfiltrate your customer transaction databases and/or hack into your bank accounts, and steal tens- or hundreds of thousands of dollars. Every small and medium organization is at risk. Will you be the next cyberheist victim because an untrained employee clicked on a phishing link?


How many employees can we sign up? What is your scalability?

KnowBe4 was built 100% in the cloud from scratch. We are essentially infinitely scalable. Our infrastructure lives in Amazon’s Web Services cloud, and if you would have a few hundred thousand employees that need training, we literally flip a few switches and we have you completely covered.


Is my data safe and secure?

KnowBe4 uses industry best practices, and partners with top firms (including Amazon Web Services and, to ensure the security of sensitive data. Credit card information is encrypted with SSL (secure socket layers), is not stored on KnowBe4 servers and is only used to verify billing info. KnowBe4 has been PCI compliant from day one. Furthermore, your company information is not shared with 3rd parties. Review the Privacy Policy for more information.


There are a few video segments in the training, are they going to slow down the learner while they download?

Our courseware player uses an advanced pre-buffering mechanism to deliver content to the user. The player automatically loads subsequent sections while the user is viewing the current screen. In other words, there is no need for the entire presentation to load before the user can begin playback. They do need to be connected with a broadband internet connection though, a slow wireless connection could cause delays in video playback.


At the end of the training, there is a section with Red Flags. It would be great to have a PDF with those Red Flags, is that possible?

Yes, it’s actally available from within the training application. Click on the Attachments link at the top right corner of the training app, and click on Social Engineering Red Flags. The PDF will show up and is printable. Here is a copy as well, ask all employees to print it out and pin it to their wall.



Please be aware of the following requirements:


  1. Browser and broadband Internet connection (IE9 and up, Chrome and Firefox all work) Note: a slow wireless connection could cause delays in video playback.
  2. Pop-up Blocker Disabled.
  3. Flash.

Internet Explorer Security Settings:

  1. ActiveX “Run ActiveX controls and plug-ins” Enable or Prompt.
  2. AciveX “Script ActiveX controls marked safe for scripting” Enable or Prompt


Quick Start Guide

Here is a link to the resources section which has an updated Quick Start Guide for your free Phishing Security Test.

Get A Quote See A Demo