Kaspersky Security Awareness vs. Proofpoint Security Awareness Training

We receieve a lot of emails per day. And I mean a Lot. Said that, this
program has been useful because it shows how to analyse emails and
detect possible phisihing attacks. The knowledge of emails is pretty big
and means you are always up to date in terms of scam emails. For daily
use it's pretty useful.

Incentivized

I think that Proofpoint is the best product on the market for Security Awareness Training. They make it easy, they have taken all the guess work out of it. You are supplied with everything you need to have a successful program and you don't have to be a "teacher" to do this. They have taken all of the guess work out of it.

Incentivized

• Easy to understand examples of phishing emails
• It trainings for employees
• Goals that can be adapted to each role

Incentivized

• The report phish Outlook add-in button has had a positive influence on our users. We have many users regularly reporting suspect phish emails.
• The templates for the phish campaigns are very up to date, using real life recent phishing attacks. This makes our phishing campaigns much more realistic.
• The training modules from PSAT are very effective and useful with our LMS system.

Incentivized

• I wish we could attach a custom file to the phishing
• I wish there was a way to edit the return screen when a user clicks on the phishing.
• I would like there to be an integration with Google Workspace, to add a feature to Gmail, for the user to report as phishing, like there is for 365.

Incentivized

• The platform provides options for many different reports (with some customization options), however, there are reports that I would want that are not available.
• Adding new staff (we have a lot of turn-over) into an existing training plan can be cumbersome for the system administrator. Although End-User Sync can be set-up to "add" new users to the system, the new users still need to manually be added to the assignments and sent past assignments to complete. (NOTE: this was made more difficult because of our decision to implement a training plan the way we did).
• Some of the ThreatSim campaigns (simulated phishing or malicious attachment emails) will only work if you are using their PhishAlarm plug-in (add-on button for Outlook, etc. for users to easily report suspected threats). Our users access email by iPhones, Android, iPads, PCs, and Macs. PhishAlarm cannot be used for all of these platforms.

Incentivized

• The product is great for what we use it for
• We have a good relationship with our vendor/Proofpoint, which I believe is needed to be successful in Security Awareness and using tools like this
• The package/service as a whole is incredibly helpful
• The integrations with Proofpoint's Trap is one of the most valuable things we could do. It turns your entire email user base into members of IT security, to be on the look out to report cyber attacks, and have them pulled out of everyone's email if the email is condemed/found malicious.

Incentivized

The platform gains new features and its UI is always being updated, the user's training and phishing history is a differentiator. Filters make it much easier to search for users, and we can add new fields to include different sectors and business units.

Incentivized

Overall, PSAT is integral to what we do. PSAT is a helpful tool to help us improve our employees ability to recognize, report, and respond to phishing. It works for us to use a longterm partner, who is incredibly helpful/supportive, and also bringing Proofpoint's greater cybersecurity & attack intelligence into PSAT. Honestly, we are pretty happy and would make the choice to go with PSAT again (we evaluated the major players in the space via Gartner's Magic Quadrant). The team behind the products are excellent and the product of itself is both intuitive and expansive. This combination allows us to reach our 10k+ employees who are located in over 20 countries

Incentivized

I have never had any issues with receiving support and have always had my questions answered in a timely manner. When we do have suggestions, the support has been ready to step in and provide advice or take our suggestions seriously. But normally, there aren't any issues that come up when using this product.

Incentivized

For the cost-benefit, we chose Kaspersky Security Awareness, we got a trial with many licenses, this was decisive in the purchase, as we were able to do a phishing simulation and test our maturity in relation to our users.

Incentivized

The "Managed Service" (a dedicated ProofPoint Account Rep c/w weekly status calls) significantly reduces the resource demand on the area within your company managing the program. The KnowBe4 Platform does all the same stuff (Training Modules, Reports, ThreatSim Tools), but you (or your staff) need to do considerably more work to manage the Overall Program. The uplift in cost for this service is minimal.

Incentivized

• For compliance, we were looking for a tool that covered cybersecurity awareness training and phishing campaigns.
• We studied other tools, but the price of phishing campaigns alone was too high. This tool integrated everything.
• Our target in phishing campaigns was less than 4% of clicks, in more than 2 years using the platform, we went from 25% to 2% in click percentages in targeted and general campaigns.

Incentivized

• I don't think there are hard and fast numbers when it comes to Security Awareness ROI, as it would be next to impossible to come up with any defined metrics.
• Phishing campaigns vary in their effectiveness, what I've found is that there is always something that will trigger your employees to click. Finding what that is for your company can help you train everyone to see the red flags.

Incentivized