Cofense Triage vs. KnowBe4 PhishER/PhishER Plus

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cofense Triage
Score 9.4 out of 10
Enterprise companies (1,001+ employees)
Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.N/A
KnowBe4 PhishER/PhishER Plus
Score 9.2 out of 10
N/A
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
$0.75
per month (billed annually) per seat
Pricing
Cofense TriageKnowBe4 PhishER/PhishER Plus
Editions & Modules
No answers on this topic
3001-5000 Monthly Pricing Per Seat
$0.75
per month (billed annually) per seat
2001-3000 Monthly Pricing Per Seat
$0.85
per month (billed annually) per seat
1001-2000 Monthly Pricing Per Seat
$1.00
per month (billed annually) per seat
501-1000 Monthly Pricing Per Seat
$1.15
per month (billed annually) per seat
101-500 Monthly Pricing Per Seat
$1.50
per month (billed annually) per seat
Offerings
Pricing Offerings
Cofense TriageKnowBe4 PhishER/PhishER Plus
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeOptionalNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cofense TriageKnowBe4 PhishER/PhishER Plus
Features
Cofense TriageKnowBe4 PhishER/PhishER Plus
Incident Response Platforms
Comparison of Incident Response Platforms features of Product A and Product B
Cofense Triage
6.4
Ratings
31% below category average
KnowBe4 PhishER/PhishER Plus
8.7
Ratings
1% below category average
Integration with Other Security Systems5.00 Ratings8.50 Ratings
Attack Chain Visualization6.10 Ratings00 Ratings
Centralized Dashboard7.70 Ratings8.70 Ratings
Live Response for Rapid Remediation6.70 Ratings8.70 Ratings
Company-wide Incident Reporting00 Ratings8.70 Ratings
Machine Learning to Prevent Incidents00 Ratings8.70 Ratings
User Ratings
Cofense TriageKnowBe4 PhishER/PhishER Plus
Likelihood to Recommend
7.5
(0 ratings)
8.8
(0 ratings)
Likelihood to Renew
10.0
(0 ratings)
8.3
(0 ratings)
Usability
10.0
(0 ratings)
8.0
(0 ratings)
Availability
10.0
(0 ratings)
-
(0 ratings)
Performance
10.0
(0 ratings)
-
(0 ratings)
Support Rating
-
(0 ratings)
8.2
(0 ratings)
In-Person Training
10.0
(0 ratings)
-
(0 ratings)
Implementation Rating
10.0
(0 ratings)
9.1
(0 ratings)
Configurability
10.0
(0 ratings)
7.3
(0 ratings)
Ease of integration
-
(0 ratings)
8.2
(0 ratings)
Product Scalability
10.0
(0 ratings)
-
(0 ratings)
Vendor post-sale
10.0
(0 ratings)
-
(0 ratings)
Vendor pre-sale
10.0
(0 ratings)
-
(0 ratings)
User Testimonials
Cofense TriageKnowBe4 PhishER/PhishER Plus
Likelihood to Recommend
The tool is very helpful in improving Phishing detection capabilities as it streamlines the process of analyzing user reports a lot. Besides it has a built-in mechanism of rating reporters(end-users) based on their historical performance. Downside - tool requires continuous resource investment to deliver best result. Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors
Read full review
PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign.
Read full review
Pros
  • Separating links and attachments contained in the email, and checking to see if they are known malicious.
  • Clustering like emails to save time when responding.
  • Providing risks scores with each cluster to give an estimate on which clusters should be addressed first.
Read full review
  • Well structured KMSAT, PAB is a great addition.
  • Good Training Library, ability to customize templates
  • Phish/ER opens a windows to types & volume of suspect emails and allows admins to act upon.
  • "Rooms" in Phish/ER, to me, is considered my entry point to start my admin duties.
  • PAB and Phish/ER work very well together.
  • KnowBe4 Learner App is a great addition.
Read full review
Cons
  • YARA rules, while the functionality is fantastic I've found that the documentation can be a bit confusing. Although, that might just be my personal experience.
  • Rare glitches make the send notification button unusable. This can be remediated by navigating to a different report, but [it] is a bit of a pain in the moment.
  • I would like to see a dark mode get added as well, but that's obviously a tertiary concern.
Read full review
  • Issues with Global Blocklist
  • Email Template Modification - Simplification
  • Target Specific Users vs. Groups
  • PhishRIP info tabs (i.e. if improperly check ripped emails are turned into tests. This has caused issues.) Info tabs or markers allow user to hover and get more information about what action a check box or slider provides.
Read full review
Likelihood to Renew
Cofense is stable and provides easy to use solution to aid the investigation of emails as well as managing simulated phishing campaigns.
Read full review
When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails.
Read full review
Usability
The interface is easy and intuitive.
Read full review
I think that the system is well designed and makes it easy to fine phishing emails that have been reported. It also has a simple user interface that allows you to review and address threat emails also providing an automated component that allows for automated threat mitigation and customized feedback responses to users
Read full review
Reliability and Availability
We've experienced zero downtime.
Read full review
No answers on this topic
Performance
No slowness seen.
Read full review
No answers on this topic
Support Rating
No answers on this topic
Responses to questions were answered quickly and accurately.
Read full review
In-Person Training
Training was through, relevant and easy to follow.
Read full review
No answers on this topic
Implementation Rating
No answers on this topic
It was very simple to implement - with just a few settings needed to connect it to our O365 environment
Read full review
Alternatives Considered
The other product had a lot of fails on the auto-processing and did not integrate well with our current environment. One issue had to do with the way it sends the submissions to its processing engine—our email gateway configuration would have blocked this traffic. I also did not like the user interface.
Read full review
We evaluated the Titan options because we have already used their DNS filtering product. However, KnowBe4 came in with a better price per user and a significantly stronger product lineup, particularly with its security awareness training component.
Read full review
Scalability
We've experienced zero downtime
Read full review
No answers on this topic
Return on Investment
  • The biggest impact has been the time saved.
  • My company had nothing of this sort previously and we were stuck trying to make use of free resources and doing things very manually. Triage was a huge life saver in this area.
  • The ability to quickly respond to several users at once has been a great help.
Read full review
  • There has been a 700% increase in emails being reported now. Previously, staff were only reporting 4 emails a month. It is easier for us to promote the phish alert button, receive automated remediation and rapidly respond.
  • We had no reports on the amount of phishing emails were coming through Mimecast but now we have reports for the board of trustees.
  • Every Wednesday we talk about cyber security to all staff, PhishER allows us to point out the trend and what to look out for which raises awareness. Never before were we able to talk about cyber security like this.
Read full review
ScreenShots

Cofense Triage Screenshots

Screenshot of Triage DashboardScreenshot of Triage Dashboard Cluster DetailsScreenshot of Triage Cluster DetailsScreenshot of Triage Cluster Malicious AttachmentScreenshot of Triage Cluster HeadersScreenshot of Triage Reporter Details

KnowBe4 PhishER/PhishER Plus Screenshots

Screenshot of how PhishER Plus enables a critical workstream to help IR teams work together to mitigate the phishing threat and is suited for any organization that wants to automatically prioritize and manage potentially malicious messages.