TrustRadius: an HG Insights company

Cofense PhishMe Reviews & Insights

Score9.6 out of 10

51 Reviews and Ratings

Community insights

TrustRadius Insights for Cofense PhishMe are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

User-Friendly Interface: Many users have praised the product for its friendly and intuitive user interface, making it easy to navigate and organize campaigns. It has been described as intuitive and has saved users time by allowing them to report phishing attempts with just a click of a button.

Customizability: The ability to customize the product has been highly valued by users. They appreciate the flexibility in creating automation rules and recipes to handle a large flow of reports. Users also mentioned that the product offers detailed whitelisting instructions and a wide variety of customizable templates.

Excellent Customer Support: Users have consistently praised the customer support provided by the company. They found the support to be great, with an outstanding account manager. Assigned professionals advising and suggesting the best approach for their user base was also appreciated. The availability of multilingual support was mentioned as a positive aspect for global companies.

Cofense PhishMe Reviews

28 Reviews

The best tool to go on a Phishing trip!

Rating: 10 out of 10

Use Cases and Deployment Scope

We basically use it to analyse and check if any mails reported by the users are phishing mails. Well it helps us to identify any mails that might have been missed by the email services. Also we love the quick and easy response and reaction we can take once we identify a phish.

Pros

  • Playbooks
  • Rules matching
  • Risk Score
  • IOC Matching

Cons

  • Custom Triggers
  • Custom Reports

Likelihood to Recommend

Flexibility to tackle all the phishing aspects of the company.
Vetted Review
Cofense PhishMe
3 years of experience

Cofense PhishMe? You reeled me in!

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We give each user the ability to report any email they deem suspicious, which then gets reviewed by a team within cybersecurity. The overall depth and information provided by Cofense has significantly increased our odds of detecting a malicious threat actor. It has also freed up a lot more time for the cyber team to work on other projects!

Pros

  • Gives a plethora of data
  • Automation
  • Metrics

Cons

  • The ability to change templates on the fly. Not all emails fit a certain template and I would like to not have to reach out to a user separately but instead be able through Cofense.

Likelihood to Recommend

It is one of the more commonly used tools within our stack. Gives users peace of mind that they can send suspicious emails to those that have a bit more training in what to look for.
Vetted Review
Cofense PhishMe
2 years of experience

Cofense PhishMe from an MSSP view

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We are an MSSP for Cofense PhishMe, and offer it as a managed service to our clients. We aim to solve our client's problems of poor phishing awareness and training, by offering this as a service. We run phishing simulations monthly using the platform and use the statistics it provides to create a monthly report to inform our clients about their success with training their users. Our simulations can be simple using the base templates, but we also offer customized scenarios, which use the PhishMe service to customize the details of a template and schedule and deploy the simulation to the client.

Pros

  • Customisation
  • Detailed whitelisting instructions
  • Flexible scheduling options
  • Good customer support
  • Detailed and accurate statistics

Cons

  • Cofense PhishMe could recommend current trends as templates
  • There could be options to have multiple clients on one accounting for a basic shared service for clients who want a cheaper option
  • A clearer dashboard that displays the statistics per scenario, and gives numbers of clicks/reports as well as the percentage, as the clients often want numbers as well as percentages

Likelihood to Recommend

Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
Vetted Review
Cofense PhishMe
2 years of experience

The Most Comprehensive phishing system in the world.

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We are using Cofense frequently to report phishing mail. It is addressing resolving reporting issues before the user reporting is very difficult and it will take time; now, it is easy to report and find the malware, but it is very time-consuming. Cofense is very helpful for auto categorizations, so it will save lots of time.

Pros

  • Creating the Rule for know emails.
  • Sending notification is very useful to forward the request to SOC team for analyzing.
  • Running play book is very useful and easy to resolve the issue.

Cons

  • In the matches we need more details.
  • Creating rules is very difficult.
  • YARA rules are not understandable.

Likelihood to Recommend

The Cofense PhishMe is well suited in all the scenarios for reporting from the end-user side. It is much easier to report to INFOSEC from the end user. In a small environment or that doesn't have owned domain, in this case, it is less appropriate to use the PhishMe. Otherwise, all the places the Cofense will support.

Cofense PhishMe - Review

Rating: 8 out of 10
Incentivized

Use Cases and Deployment Scope

Amazing product for processing the reported phishing emails. Threat intelligence from Cofense PhishMe is very useful, and they have a [wide variety] of simulation templates.

Pros

  • Process reported phishing emails
  • Threat Intelligence
  • Phishing Simulation

Cons

  • AI in Cofense PhishMe protect
  • Future products
  • Integrations with other technologies

Likelihood to Recommend

Best for processing reported phishing emails.
Vetted Review
Cofense PhishMe
4 years of experience

Cofense PhishMe!! The AIO solution to your Phishing Campaigns and User Awareness

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

Cofense PhishMe is an all-in-one solution for increasing Mail Security Awareness in the organisation. We use it to simulate phishing campaigns across different verticals in the organisation and calculate the susceptibility rate of the users to make them more aware of the indicators of compromise in phishing emails.

Pros

  • Phishing Campaigns
  • Historical Graphs for Phishing Campaigns
  • Security Awareness Banners

Cons

  • A better UI for which Cofense PhishMe is already working
  • More region specific domains for phishing Campaigns
  • More region specific scenarios for Phishing Campaigns

Likelihood to Recommend

It's a very apt tool for the scenario where there are multiple users and verticals in an organisation. Phishing Campaigns and recording their response actions is quite easier through this tool. Not suitable for a small organization (less than 500) that can maybe use some open tools or self-made emails for campaigns.
Vetted Review
Cofense PhishMe
2 years of experience

Cofense [PhishMe] at a Glance

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

[Cofense PhishMe] is used at Express for security awareness, security education, and protection of the organization from bad actors that are persistent and relentless in the pursuit of attacking the organization from the storefront, back office, and the C-suite.

Pros

  • Education
  • Filtering know bad.
  • Responding to the reporter.

Cons

  • Threat Intel API feeds.
  • Sandbox
  • User generated reporting.

Likelihood to Recommend

[Cofense] PhishMe is well suited for [medium] to large organizations with [a] dedicated analyst that [is] continually working the findings, building new phishing campaigns and removing malicious emails from the end users mailboxes.
It is less appropriate for SMB's that have limited resources to manage the day to day usage of the product.

Fantastic product for the price, robust feature set

Rating: 8 out of 10
Incentivized

Use Cases and Deployment Scope

Cofense PhishMe is being used across the entire organization. Users use the Report Phish button in Outlook to report suspicious emails, then the Cofense PhishMe triage server responds back letting the user know if the email is safe or malicious. It helps the business prevent phishing attacks and account compromises.

Pros

  • Quick response from triage.
  • Simple and easy to use.
  • Accurate

Cons

  • More automation.
  • Ability to work in non-outlook apps.

Likelihood to Recommend

Cofense PhishMe is a great tool for security awareness and for preventing phishing attacks. It allows users to report suspicious emails before they click them themselves.
Vetted Review
Cofense PhishMe
4 years of experience

Product review: Cofense PhishMe

Rating: 8 out of 10
Incentivized

Use Cases and Deployment Scope

We are using the Cofense PhishMe solution to send phishing scenarios and we are getting great results and great views in the console. The platform is easy to use and has a lot of resources. We are also using targeted scenarios from the module. Also, the LMS module provides great value to organizations as they have generalized security modules and also have gamification modules for security awareness programs. The platform is user-friendly and does not require training to use the platform. I was able to use it without any prior training. I am able to perform all phishing scenarios from the user-friendly console.

Pros

  • Learning
  • Phishing scenerios
  • Awareness letters

Cons

  • New content
  • Innovative
  • Resources for training

Likelihood to Recommend

It's well suited for any type of organization. They have content from different languages and different categories. So if you need your company to send targeted phishing scenarios to Spanish users, then they have templates in that language too. Also, we can use templates to target different departments. We are using different templates to target new hires, oversee people, and so on.

Phishing simulation with a small team for a big company

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

In the past, we were using it only on a quarterly basis as a benchmark type of activity. Nowadays, we are offering Phishing Simulation as a service to our departments and we are slowly getting to 1 big Q exercise (250k people) and 3-4 monthly ones (anywhere from 50 to 5k users).

Pros

  • Friendly UX.
  • Huge selection of phishes.
  • Ability to customize.

Cons

  • Web version support - sometimes it's too laggy.
  • Upload/download rate for results and recipient lists.

Likelihood to Recommend

I am one of the Phishing Simulation ambassadors and I am eager to talk to those who listen. This tool is great at educating people and changing their behavior - although, in some parts, it still uses terminology that incites some senior leaders to use punitive methods (like repeat clickers, etc).