According to the 2022 Verizon Data Breach Investigations Report, the human factor is involved in 82% of breaches. Bad actors try to exploit your users by looking for any way to breach your cybersecurity defense layers.
And, your overwhelmed, stressed-out Security Operations Center (SOC) team needs relief from the alert noise caused by risky behaviors of your employees. You're already delivering security awareness training to your users to strengthen your human firewall. What if you could take user event data from your existing security stack to deliver real-time coaching to your users in response to their security mistakes, while also reducing the volume of alert noise for your SOC team caused by those repetitive risky behaviors? Now you can with SecurityCoach™.
SecurityCoach is the first real-time security coaching product created to help IT and Security Operations teams further protect your organization’s largest attack surface — your employees. Introducing a new category of technology called Human Detection and Response (HDR), SecurityCoach helps strengthen your security culture by enabling real-time coaching of your users in response to their risky security behavior.
SecurityCoach integrates with KnowBe4’s new-school security awareness training platform and your existing security stack to deliver immediate feedback to your users at the moment risky behavior occurs. SecurityCoach is an optional add-on for KnowBe4 customers with a Platinum or Diamond level security awareness training subscription.
SecurityCoach uses standard APIs to quickly and easily integrate your organization’s existing security products with your KnowBe4 console. Your security stack generates alerts that are then analyzed by SecurityCoach to identify events related to any risky security behavior from your users. For example, if a user opens an infected email attachment which might spread ransomware in your network, or tries to visit a website with restricted content on their work computer, your security products detect this and create an event alert. SecurityCoach identifies that event and then, via Microsoft Teams, Slack or email, sends a real-time SecurityTip to that user acknowledging that “Hey, this is a security risk and here’s why”.
You can set up real-time coaching campaigns to target risky users based on those events from your network, endpoint, identity, web security and other vendors within your security stack. These campaigns enable you to coach your users at the moment the risky behavior occurs, providing real-time feedback and reinforcing the security awareness and compliance training campaigns you run today.
Your best defense is to develop a strong security culture across your organization that engages your users and reinforces the importance of following your organization’s security policies, strengthening your human firewall. Your IT and SOC teams play a critical role in strengthening your overall cybersecurity posture. SecurityCoach unites these two teams with a shared critical goal: securing the human layer of your security stack to further improve your security culture and your overall cybersecurity posture.
SecurityCoach allows you and your SOC team to leverage your existing cybersecurity infrastructure, extending the value of your security stack investment, and reducing SOC alert noise and fatigue caused by repetitive risky user behaviors.
SecurityCoach helps you augment your security awareness training effectiveness and take a data-driven approach to quantifying and reducing human risk by combining existing technology with real-time behavior coaching and new-school security awareness training. When you provide instant coaching on risky activities, you not only significantly improve the understanding and retention of your users, you are also able to build a more effective and mature security culture across your whole organization in less time.
Real-time coaching campaigns allow you to coach your users about risky behavior in real time. When risky activity is detected, your users will receive a SecurityTip about the activity and how to avoid it in the future.
At the moment risky behavior is detected, SecurityCoach sends a real-time SecurityTip directly to that user via Microsoft Teams, Slack or email. These immediate notifications are a powerful enhancement to your security awareness program.
Utilize vendor APIs to quickly and easily integrate with your existing security stack vendors such as Microsoft, Cisco, Netskope, Zscaler and more. Our ecosystem of technology partnerships is rapidly expanding to support our customers and strengthen the human firewall.
Detection rules specify what risky activity you want to track using the data provided by your integrated security vendors. SecurityCoach recommends rules based on common security topics in order of priority, with Very High and High Risk activity rules first.
SecurityCoach recommends real-time coaching campaigns best suited for your detection rules. You can select SecurityTips from different categories of risky behavior.
User data from your identity provider or directory is combined with your security event logs to create user mapping rules. With a variety of built-in user mapping rules and the ability to create custom rules, you can easily configure rules to automatically map users.
The built-in dashboard provides an overall summary of coaching campaigns, detection rules and detected security events. The detailed reports provide insights into your organization's security risks and help track trends in your users' risky activity over time.
Based on the rules in your existing security software stack and defined high-risk users or roles, you can configure your real-time coaching campaign to determine the frequency and type of SecurityTip risky users will receive.
You can create campaigns using our extensive and continually growing catalog of 200 SecurityTips covering 60 different topics, many of which are available in 34 languages.
We believe the Human Defense Layer is a mission-critical pillar of the cybersecurity architecture that sits alongside endpoint, network, web and identity.
SecurityCoach introduces a new category of technology called Human Detection and Response (HDR). HDR is conceptually similar to Extended Detection and Response (XDR), but HDR focuses on the human layer of your cybersecurity strategy. HDR correlates, identifies and responds to the tens of thousands of detected events related to the risky security behavior of your users being generated within your existing security infrastructure.
KnowBe4 is pioneering this new category to enable true behavioral change in users, and mitigate risk in the human layer. HDR creates significant time savings for your overburdened SOC team by reducing the volume of alert noise caused by repetitive risky behaviors, allowing the SOC to focus on high-priority threats.
SecurityCoach uses standard APIs to quickly and easily integrate with your existing security products from vendors like CrowdStrike, Microsoft, Cisco, Netskope, Zscaler and more. Our ecosystem of technology partnerships is rapidly expanding to support our customers and strengthen the human firewall.
To allow SecurityCoach access to your security platforms, you’ll set up an integration in your KnowBe4 console. These integrations allow SecurityCoach to track when certain actions are detected. Setting up integrations is a quick and easy process, and we provide integration guides for each vendor on our Knowledge Base. Once integrated, events and other data from your security platforms will be displayed on your SecurityCoach dashboard.