We just raised a $30M Series A: Read our story

Top 8 Security Awareness Training Tools

KnowBe4Sophos Phish ThreatWombat Security Education PlatformThreatCopCofense PhishMeWebroot Security Awareness TrainingMimecast Awareness TrainingBarracuda PhishLine
  1. leader badge
    There are many valuable features. It's already deployed in the cloud, and you don't have to install anything. You just upload your users to the cloud and tweak something if needed. You can whitelist some servers to work with this properly. When everything is ready, you can start using the platform and its many automated features.
  2. It is easy to use.The scalability is very good.
  3. Find out what your peers are saying about KnowBe4 vs. Sophos Phish Threat and other solutions. Updated: September 2021.
    542,029 professionals have used our research since 2012.
  4. Most valuable is the SSO integration with our AD, so the users can employ our federation service to log in.
  5. This tool has great value for money with excellent features like unlimited cyber-attack simulation cycles, periodic assessment, employee hack records as well as gamified assessment.
  6. The GUI works well and it is really well built.
  7. report
    Use our free recommendation engine to learn which Security Awareness Training solutions are best for your needs.
    542,029 professionals have used our research since 2012.

Advice From The Community

Read answers to top Security Awareness Training questions. 542,029 professionals have gotten help from our community of experts.
Evgeny Belenky
Dear IT Central Station community, What advice can you share with the community (especially with enterprise users) on Password Day 2021? Thanks, IT Central Station Community Team
author avatarSylvain Déjardin
Real User

Hi,


As requested by Evgeny, my 2 cents.

Nowadays "Password" are still needed. They should be kept in a vault in order to copy/paste them with some kind of security feeling. Mandatory in IT with compliancies and good thing at home.

Tomorrow maybe endusers would have a "security device" to protect their access and share their controlled identity through unique Authentification service. (Because SMS and OTP are not so secure)

Today only few public website use security device.


But more and more company use them at least to secure each employee vault like Big 4 IT/Compagnies

Kind Regards

author avatarreviewer1324719 (PAM Architect at a tech services company with 11-50 employees)
Real User

The very question is endemic of the problem associated with passwords. A day devoted to password considerations. Tomorrow they will be long forgotten. As I see it, there are a few levels of considerations to be included in this question:



  1. Personally related

    1. Banks

    2. Brokerages

    3. Utilities

    4. Commercial credit cards



  2. Private Memberships

    1. Organization memberships

    2. Financial responsibilities

    3. Membership Roles & Access



  3. Professional

    1. Internal organizational

      1. Email

      2. SharePoint

      3. Workday



    2. Client based

      1. VPN

      2. Access oriented (Systems, applications, resources)






Most personal users use the same password for ALL their connections. Worse, many users cache and remember these connections in their browsers. This is the #1 area I would suggest addressing to have the greatest positive impact for Home User scenarios.


A good password with length and complexity is the start, followed by having a password vault, with Norton Password Safe being my favorite, but Pwsafe and KeePass are good candidates for storage of many complex passwords.


Apply these principles personally and professionally.


Security Awareness Training Articles

Tjeerd Saijoen
CEO at Rufusforyou
Jun 23 2021
Security and protecting your environment are the biggest challenges now. Is this because we don't have software to protect our environment or is it anything else? In the past, I started with mainframes and no worries about hackers.  Today, we are dealing with a silo approach. Servers are at… (more)

Security and protecting your environment are the biggest challenges now. Is this because we don't have software to protect our environment or is it anything else?

How I stop hackers and protect my IT environment - Part 1

In the past, I started with mainframes and no worries about hackers. 

Today, we are dealing with a silo approach. Servers are at various locations, ICT staff is working in a silo environment and we are dealing with applications in separate locations: cloud environments, multiple clouds, and a hybrid one.

For ICT staff it's difficult to keep an eye on this complex environment and did we close everything. Next, we have vendors changing browsers at a rapid speed as well OS vendors. A lot of times we must apply fix packs as an emergency solution to close a security gap.

If you have a lot of servers and desktops in various locations and do not have the right tools it will be difficult to detect if you have a security breach somewhere in the environment.

How do we start?

Most of the time, security is closing security holes in our environment. But how do we know?

First, the architecture of your environment. You need to look holistically through the complete environment. For example, the IT architecture. Do you know how a transaction flows over your network, from an end-user over routers, switches, firewalls, load balancers, servers, databases, webservers, etc.?

Now you know why a CMDB ( Configuration Management Database) and IT landscape discovery tools are important. All our IT assets will be placed in a CMDB: the last access date, the change date, and who has changed or created the asset. This way we can monitor unauthorized access.

Next, we need to learn how applications communicate, about open ports, public IPs, etc. 

This is part 1 and I will continue next week.

(less)
Tjeerd Saijoen
CEO at Rufusforyou
May 06 2021
How are security and performance related to each other? Today a lot of monitor vendors are on the market, most of the time they focus on a particular area, for example, APM (Application Performance Monitoring) or Infrastructure monitoring. Is this enough to detect and fix all problems? Now our… (more)

How are security and performance related to each other?

Today a lot of monitor vendors are on the market, most of the time they focus on a particular area, for example, APM (Application Performance Monitoring) or Infrastructure monitoring. Is this enough to detect and fix all problems?

How are performance and security related?

Now our landscape is changing rapidly. In the past, we had to deal with one system. Today we are dealing with many systems in different locations. For example, your own data center called on-premise. Next, we have on-premise and for example AWS, and now we get on-premise and AWS and Azure and it doesn't stop. Now hackers have more locations and a better chance to find a weak spot in the chain, also if performance slows down, where is the problem. 

Because of this, you need many different monitoring tools also they don't monitor your application or OS parameter settings. For example, I have a webserver and it has a parameter to set the number of concurrent users to 30, a monitor tool will probably tell you more memory is required, you ad more expensive memory and you get the same result more memory, while the real solution is to adjust those parameter settings. 

We had several applications running for years while the total number of end users is rapidly growing, now most people don't adjust the parameters because they are not aware of they exist and the right value. 

How are performance and security related to each other, if they compromise systems as well you will see unusual behavior in performance? For example, a performance drop and more CPU will be allocated. For this, you need monitors capable of looking holistic to the complete environment, checking parameter settings and alert on unusual behavior also look for one single dashboard to check your environment including the cloud. Don't look at a sexy dashboard but more important a functional dashboard. Important is the tool capable and give it advise on what to do or is it to tell you there is a problem in the database but it doesn't tell you the buffer setting on DB xxx needs to be adjusted from 2400 Mb to 4800 MB

If we have the right settings, performance will increase and better performance is more transactions. More transactions mean more selling and more business.

(less)
Caleb MillerGood article, but the spelling and grammatical errors are pretty blatant.
Find out what your peers are saying about KnowBe4 vs. Sophos Phish Threat and other solutions. Updated: September 2021.
542,029 professionals have used our research since 2012.