For a medium to large enterprise, we are reviewing options for phishing simulation tools to enhance our security awareness program. Could you share any recommendations or experiences with specific tools that have worked well in your organisations?

SecuritySecurity Strategy & Roadmap
1.4k viewscircle icon1 Upvotecircle icon6 Comments
Sort by:
Information Security Manager10 months ago

We are using Hoxhunt and are quite successful with it. Awareness and click rates have improved.

IT Manager10 months ago

We do not use tools per say for Phishing, rather CSIRC sends emails that look legit to measure those who report versus those who click the link.

Information Security Manager10 months ago

Our experience is with the KnowBe4 solution. It is an excellent tool. It provides hundreds of phishing templates, which prevents users from knowing about the campaign from each other. Creating smart groups based on the number of clicks in recurring campaigns is also a key feature. The tool's cost-benefit is very worthwhile. I recommend it.

Cybersecurity Leader in Manufacturing10 months ago

We have been using Cofence for a few years now and we are satisfied with the platform. 

Information Security Analyst in Manufacturing10 months ago

I have experience with a couple of different phishing simulation solutions, from the earlier Wombat phishing simulation platform (now Proofpoint ThreatSim) to KnowBe4.  Wombat was always a good solution, but I haven't used them in some time, so I don't know what improvements Proofpoint may have added.

The KB4 platform has a lot of great features, such as the ability to dynamically adjust to users.  For example, if they pass easier phishing tests, they can automatically be challenged with harder future tests automatically.  The system also has the ability to vary the phishing type, from QR or attachment phish, to simple form phishing.  I also like how they keep up with recent "real-world" phishing intel, and use those in thier samples.  The reporting and metrics are also nice, with the ability to measure your organization's phish prone percentage against other organizations in your sector or industry.  So we're pretty happy with the KnowBe4 platform.  I hope that helps.

1 Reply
no title10 months ago

Many Thanks for the response.  KB4 is definitely one of the options we will be looking at.  Currently using Phishing Tackle, but it has not matured over the last couple of years as we'd hoped.

Content you might like

We would like to know what is the best advanced threat detection / prevention security control that provides the most bang for buck for a large organisation that wants to enhance its security posture to better detect and mitigate advanced threat actors. 

Main goals are to reduce dwell time, enrich alerts, reduce SOC engineer incident response time, illicit targeted threat intelligence to compliment 3rd party Threat Intelligence providers

Network Detection and Response (NDR)22%

Endpoint Detection and Response (EDR)42%

Extended Detection and Response (xDR = NDR / EDR / CDR)70%

Intrusion Detection & Prevention Systems (TLS Decrypting) IDPS26%

Deception Technology (External Only)13%

Deception Technology (Internal Only)8%

Deception Technology (External & Internal)10%

View Results

How is your organization managing the impact of data localization laws?

Shifting to local cloud regions100%

Partnering with sovereign cloud providers

Investing in hybrid/multi-cloud governance

Still evaluating the regulatory landscape

View Results

Is self-service data management a reality in your organization, or just a buzzword?

With rising regulations and cyber threats, how are you adapting your data security posture in 2025?

Read More Comments

We're evaluating Microsoft Purview's auto-labeling capabilities for sensitive data discovery and classification across our numerous Azure and O365 tenants. I would like to hear about your experiences, especially regarding these specific points: What are the biggest pros and cons of Purview auto-labeling? Have you seen any limitations with auto-labeling if you haven't deployed the Microsoft Defender product line? If so, what are they? What Microsoft dependencies are there?  Microsoft emphasizes the need for their CASB when using auto-labeling. Why is this necessary, especially if we already have other security products that overlap with the Defender functionalities, like an SSE deployment to include CASB with DLP? We need a centralized approach to data labeling across more than a dozen Azure/O365 tenants. Has anyone successfully achieved this with Purview auto-labeling? Even with RBAC in place, we learned that Purview doesn't mask PII data in logs for DLP events. Does the same apply to auto-labeling? Does it capture PII in the logs? Any insights, best practices, or lessons learned would be greatly appreciated!