Security Awareness Training Features

Training (Q1 2019 Features)

The world's largest library of well over 900 security awareness training content items; including interactive modules, videos, games, posters and newsletters - with the Diamond level you get frequent, new fresh content
6 foundational modules translated in 26 languages - and tons of other translated content. Get a free look at all of it in the ModStore
On-demand, engaging, interactive browser-based training
NEW! The updated learner experience offers optional gamification, with leaderboards and badges, to incentivize and motivate users to take their assigned training
NEW! Localized training interface option for your users! Currently available in 15 local languages, your users can choose the language they are most comfortable with, helping deliver a more immersive training experience
Create multiple training campaigns as ongoing or with a completion date
Automate enrollment and follow-up emails to “nudge” users
Allows you to create an effective “Human Firewall”
Hosted in our Cloud LMS, run the course in your own Learning Management System, or delivered as a Managed Service
Hints & Tips Security Awareness emails for compliance
Point-of-failure training auto-enrollment
Within one account, you can have multiple allowed domains (e.g. com, net, .org) and users can sign up with any of the domains associated to an account
Industry's largest full-time content development staff: 40+ people
Visible training results: Phish-prone percentage™ for whole organization graphed over time in your console for reporting
Enhanced Training Campaigns with "relative enrollment duration" feature
Certificate printing where users can view/download/print their own certificates after completing a course
Automatic SCORM delivery via console if you use your own LMS
NEW! Upload Your Own Content! You now have the option to upload your own SCORM-compliant training and video content in any language you choose, directly into your KnowBe4 account - at no extra cost!
Extend training deadlines for overdue users

Simulated Phishing Attacks

The results of the 2019 KnowBe4 Phishing Industry Benchmarking Report clearly show where organizations’ Phish-prone percentages started and where they ended up after 12 months of regular testing and security awareness training. The study analyzed a data set that included nearly nine million users across 18,000 KnowBe4 customers with over 20 million simulated phishing security tests across nineteen different industries.

The overall industry initial Phish-prone percentage benchmark turned out to be a troubling 30%. Fortunately, the data showed that this 30% can be brought down nearly half to just 15% in only 90 days by deploying new-school security awareness training. The 365-day results show that by following these best practices, the final Phish-prone percentage can be minimized to 2% on average. Read the full report.

Phishing

NEW Virtual Risk Officer (VRO) feature, provides insight and actionable metrics that will allow you to understand the attack surface of your organization, and learn what users might be more vulnerable to a phishing attack. VRO provides dynamic risk scores, assigned to users, groups, and your organization as a whole, which enable you to make data-driven decisions when it comes to your security awareness plan and understand what users are the most susceptible to a phishing attack. You can even use Smart Group conditional statements that will allow selection based on individual risk scores. To see a quick video overview of VRO, click here.
Industry Benchmarking feature lets you compare your organization's Phish-prone percentage™ with other same-size organizations in your space
Initial free Phish-prone percentage test for 100 users (more on request)
Year-round all-you-can-eat simulated phishing attacks
Unlimited yearly use of all phishing templates
We create regular "Current Events" templates you can send to users
Set-it-and-forget-it scheduling of phishing campaigns
Full library with 3,000+ successful phishing templates
Easily create your own templates
Community Templates: share and use other people’s phishing templates
Customizable phishing attacks
Customizable landing pages
Phishing Security Test email reports sent to admin at the end of a phishing campaign
“Anti-prairie dog” campaigns which send random templates at random times
Ability to skip weekends in campaigns and assign time zone and working hours
New Office templates with macros to simulate ransomware attacks
GEO-location - See where your simulated phishing attack failures are on a map, with drilldown capability and CSV-export options.
Ability to create templates that emulate spoofed CEO Fraud attacks
Automatic "Scam Of The Week" Campaign - sent to all employees
"Phishing Reply Tracking" allows you to track if a user replies to a simulated phishing email and can capture the information sent in the reply

Social Engineering Indicators™ patented technology turns every simulated phishing email into a tool you can use to dynamically train employees by instantly showing them the hidden red flags they missed within that email
USB Drive Test™ allows you to test your user’s reactions to unknown USBs they find
Targeted spear-phishing campaigns, replace fields with personalized data
“Click Only” and traditional Data Entry of sensitive information (credentials)
Customized scenarios based on public and/or personal information
Tests for opening MS Office Attachments: Word, Excel, PPT, and PDF (also zipped) and also HTML attachments
Variable phishing campaign length, max six months
Summary Information about all phishing campaigns
Free Phishing Attack Surface - analysis of emails belonging to your domain
Phish-Prone Percentage Comparison for different user groups
Program trend reporting
Vishing Security Tests using IVR attacks over phone (Gold level on up). Supports US and International, both pre-recorded messages and text-to-speech campaigns using system templates or admin-customized templates.
Customizable “hover-links” when a user "mouse-overs"
Multi-domain accounts for admins or MSPs who manage multiple organizations (no extra charge)
Top 10 Criminal Phishing Emails of the week - defanged and ready to send to employees

Reporting

NEW Advanced Reporting provides actionable metrics and insight into the effectiveness of your security awareness training program. You can generate over 60 different styles of reports that will help you understand where improvements need to be made to improve the strength of your human firewall. Using machine learning technology, Advanced Reporting will instantly create reports based on your spoken command or typing relevant keywords into the Find Report search function.
Smart Groups put your phishing, training and reporting on autopilot. With the powerful Smart Groups feature, you can use each employees’ behavior and user attributes to tailor phishing campaigns, training assignments, remedial learning and reporting. Best of all, Smart Groups is a powerful ad-hoc, real-time query tool that you use to get detailed reporting for management.
Reporting APIs enable you to customize and obtain reports by integrating with other business systems that present data from your KnowBe4 Console. Here is the documentation.
Training reports for all users or a specific group (who started, completed, started but never finished)
Details on enrollment %, course started %, incomplete %, completed course, acknowledged security policy
Filter campaigns on recipient, delivered, opened, clicked, attachment, data entered, bounced, in CSV
Specify user needs to “Read and Attest” Security Policy for compliance
Individual user "report cards" with their “open and click” history
Reports on browser / device used to open a phishing email and vulnerable browser plugins the user has installed
Top 50 clickers report
Print to PDF so reports can be sent to management
Personal time-line overview for every individual user
Phishing Reply Tracking reports with who answered and what they said
Reporting APIs enable you to customize reports by integrating with other business systems to present your data from your KnowBe4 Console
Roll-up Reporting makes it easy to select reports and compare results in aggregate across managed KnowBe4 accounts or multi-location offices

Additional Features

NEW PhishER is an add-on product that helps your team prioritize and manage potentially malicious messages reported by your users. Identify and respond to email threats fast! PhishML, a new PhishER machine-learning module analyzes every message coming into the PhishER platform - giving you info to make your prioritization process easier, faster, and more accurate!
Automated Security Awareness Program (ASAP), allows you to create a customized Security Awareness Program for your organization that will help you to implement all the steps needed to create a fully mature training program in just a few minutes!
Security Roles allows you to assign granular access control for users and groups within the KnowBe4, combined with delegated admin permissions - Here is the Support Article
KnowBe4 Active Directory Integration (datasheet)
Password-Less Logins
Anonymous Console Data for European Data Protection compliance
Upload users as flat text, or as CSV with Groups functionality
Full time dedicated U.S.- and U.K.-based support through phone and email
2-Factor Authentication option for both users and admins
Full and partially Managed Service options, we can run this program for you
Phish Alert Button gives your users a way to report simulated and non-simulated phishing attacks, also available for Outlook Mobile
Bulk delete users using a CSV file (not needed with AD integration)
Training and phishing history are archived even when users are deleted
Supports single sign-on using Security Assertion Markup Language 2.0 SAML
Support for OKTA identity management
Support for Windows Azure Active Directory
Crypto-ransom guarantee

Features Being Worked On Now:

AIDA™ (Artificial Intelligence Driven Agent™) BETA which combines phishing, vishing, smishing in to a new social engineering attack vector we decided to coin as "AI-shing™". You can participate in this beta when you are a KnowBe4 customer with an active subscription.