Security Awareness

Security awareness is important for end-users to understand and practice. The best security tools are rendered ineffective when end-users are unaware of security risks and proceed to blindly trust seeming innocuous emails and web links.​

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

These include:

  • User Satisfaction Rankings
  • Business Value Scores
  • Vendor Capability Comparisons
  • Product Feature Evaluations

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

These include:

  • Strategy and Innovation
  • Service Experience
  • Conflict Resolution
  • Product Impact
  • Negotiation and Contract

Still need assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Latest Research

How Will Work From Home Change Vulnerability and Patch Management for Businesses in the Future?
July 10, 2020

COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.

Author: Isaac Kinsella (Info-Tech)

Kenna Security Offers Vulnerability Management Options: Kenna.VM & Kenna.VI
May 27, 2020

Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.

Author: Isaac Kinsella (Info-Tech)

Rapid7 Penetration Tests Show That Businesses Are Getting Better at Network Security
May 11, 2020

We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.

Author: Isaac Kinsella (Info-Tech)

See All Research

Security Awareness Products

Filter by:

InfoSec Institute Inc

Infosec IQ

Infosec IQ security awareness and training empowers your employees with the knowledge and skills to stay cybersecure at work and home. With over 2,000 awareness and training resources, you’ll have everything you need to prepare employees to detect, report and defeat cybercrime. Every aspect of the platform can be customized and personalized to match your organization’s culture and employees’ learning styles.

8.8

Composite Score

9.2

CX Score

+95

Emotional Footprint

87%

Likeliness to Recommend

13

Reviews

KnowBe4

KnowBe4 Security Awareness

KnowBe4 is the world's most popular integrated platform for awareness training combined with simulated phishing attacks. We help thousands of organizations to manage the continuing problem of social engineering.

8.2

Composite Score

8.5

CX Score

+87

Emotional Footprint

82%

Likeliness to Recommend

26

Reviews

Webroot Software

Webroot Security Awareness Training

Security awareness training is an education process that teaches employees about cybersecurity, IT best practices, and even regulatory compliance. A comprehensive security awareness program should train employees about a variety of IT, security, and other business-related topics. These may include how to avoid phishing and other types of social engineering cyberattacks, spot potential malware behaviors, report possible security threats, follow company IT policies and best practices, and adhere to any applicable data privacy and compliance regulations (GDPR, PCI DSS, HIPAA, etc.)

8.2

Composite Score

8.4

CX Score

+88

Emotional Footprint

86%

Likeliness to Recommend

19

Reviews

Kaspersky

Kaspersky Security Awareness

Kaspersky Lab has launched a family of computer-based training products that utilize the latest learning techniques and address all levels of the organizational structure. Our integral approach consists of modern learning techniques ensuring all employees are trained up to their best needed level. Gamification, learning-by-doing and repeated reinforcement help to build strong skills retention and prevent obliteration. Each training is engaging and highlighting the personal importance of cybersecurity.

7.6

Composite Score

7.5

CX Score

+72

Emotional Footprint

79%

Likeliness to Recommend

16

Reviews

MediaPro

MediaPro

MediaPro helps you plan and deliver an adaptive awareness program where you analyze your employees’ behavior, target unique training and reinforcement to employees based on their risk profile, and measure your progress along the way with simulated phishing and knowledge assessments.

8.5

Composite Score

9.2

CX Score

+99

Emotional Footprint

85%

Likeliness to Recommend

5

Reviews

Proofpoint

Proofpoint Security Awareness Training

REQUEST A DEMO Overview Engage your end users and arm them against real-world cyber attacks, using personalized cybersecurity training based on our industry-leading threat intelligence. Instead of wasting time with one-size-fits-all content, we help you deliver the right cybersecurity awareness training to the right people at the right time.

8.2

Composite Score

8.6

CX Score

+90

Emotional Footprint

79%

Likeliness to Recommend

6

Reviews

Terranova WW Corporation

Terranova Security Awareness

With our comprehensive, end-to-end suite of security awareness solutions at your disposal, you can address threats completely, effectively and in a way that makes the most sense for your organization and its culture.

7.2

Composite Score

6.9

CX Score

+56

Emotional Footprint

74%

Likeliness to Recommend

6

Reviews

Cofense Inc

Cofense

With more than 90% of breaches attributed to successful phishing campaigns, it’s easy for organizations to point to the everyday employee as the root cause – as the problem to be solved. We disagree. CofenseTM believes employees – humans – should be empowered as part of the solution to help strengthen defenses and gather real-time attack intelligence to stop attacks in progress.

--

Composite Score

--

CX Score

+99

Emotional Footprint

85%

Likeliness to Recommend

3

Reviews

SANS Institute

SANS Securing the Human

Easily manage your cyber awareness training program. The SANS Advanced Cybersecurity Learning Platform makes it easy to track results, be compliant, and change behavior.

--

Composite Score

8.2

CX Score

+88

Emotional Footprint

100%

Likeliness to Recommend

2

Reviews

The Security Awareness Company

The Security Awareness Company

Provides organizations with dynamic security awareness training materials on an international scale since 1991. SAC creates cyber security awareness training programs (including compliance standards such as HIPAA and PCI-DSS) for companies of all sizes.

--

Composite Score

--

CX Score

+100

Emotional Footprint

78%

Likeliness to Recommend

1

Reviews

Sophos

Sophos Phish Threat

Phishing is big business. Attacks have shown record growth in recent years, and a solid security awareness program is an integral part of any defense-in-depth strategy. Sophos Phish Threat educates and tests your end users through automated attack simulations, quality security awareness training, and actionable reporting metrics.

--

Composite Score

0.8

CX Score

-12

Emotional Footprint

33%

Likeliness to Recommend

2

Reviews

Ninjio

Ninjio Aware

NINJIO is a “Content First” Company. Over 200 hours are spent on each Hollywood story-based episode, to deliver the highest quality production on the market today. Most Awareness providers are “Phishing First” companies who have viewed Awareness content as an after-thought. Creating engaging story-based content on a frequent basis keeps cyber security awareness “Top of Mind.” Top of Mind equals retention. Retention changes behavior such that when a user is hit with a threat, they remember how to react. The outcome for your organization- FEWER BREACHES.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Lucy Security

Lucy

Employees are the last line of defense. This is why education, the testing of know-how and the active involvement of employees in your cyber defense are essential components of your IT Strategy. LUCY is SOFTWARE that allows companies to take on the role of an attacker and uncover and close weaknesses in both the technical infrastructure and the staff.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Inspired eLearning

Inspired Security Awareness

Named an Inc. 5000 company for the 5th year in a row, Inspired eLearning delivers the highest quality educational products to transform corporate culture, nurture and enhance workforce skills and deliver maximum ROI for the corporate education budget. Inspired eLearning offers Security Awareness and Compliance solutions that include Security First Solutions, CyQ Cybersecurity Assessment tool, PhishProof phishing assessment software, content integration and a fully hosted web-based eLearning course delivery and tracking system using the iLMS (Inspired Learning Management System).

--

Composite Score

7.7

CX Score

+80

Emotional Footprint

85%

Likeliness to Recommend

3

Reviews

CybSafe

CybSafe Security Awareness Training

CybSafe is the world’s first intelligent cyber security and data analytics platform that enables you to quantify your human cyber risk and resilience, whilst measuring whether your awareness activities (such as training and phishing simulations) are actually working. CybSafe does this in a way both information security professionals and executives can understand and provides data-driven insight that can be used to optimise awareness, behaviour and culture programs. CybSafe is cyber security technology that fuses psychology and behavioural science with artificial intelligence and data science.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

ControlScan Inc

ControlScan Security Awareness

ControlScan’s Security Awareness Training Service delivers courses over the web so that employees can view them anytime and anywhere. You get to choose the courses available to them, which can include general instruction in security as well as specific courses in areas like PCI and HIPAA-HITECH. The ControlScan Security Awareness Training online program can be implemented in days, provides you with a critical security measure, and enables you to demonstrate compliance with training requirements that apply to your business.

--

Composite Score

--

CX Score

+54

Emotional Footprint

0%

Likeliness to Recommend

1

Reviews

BeOne Development Group

BeOne Security Awareness

Employees are increasingly the target of cyber criminals. That is why we help your people improve their cyber skills. With BeOne Development's security awareness solutions, employees can better withstand the current cyber threats. We increase awareness for information security and improve risk-aware behavior. This way we complete your cyber security policy.

--

Composite Score

8.8

CX Score

+100

Emotional Footprint

100%

Likeliness to Recommend

1

Reviews

Barracuda Networks

Barracuda PhishLine

Defend your business against social-engineering attacks and transform employees from potential victims into a layer of defense with Barracuda PhishLine. With PhishLine, you guard against every facet of social-engineering threats with continuous simulation and training for employees. Show them the latest attack techniques, how to recognize the subtle clues and help stop email fraud, data loss, and brand damage.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Mimecast Services

Mimecast Awareness Training Review

Increasing cyber security awareness among your users will undoubtedly help to prevent more cyber security threats. Email-borne threats have always targeted human beings, duping them into clicking on links, opening attachments or providing passwords and personal information that can be used to penetrate cyber security defenses. It doesn't matter how much you've invested in the latest cyber security tools or the most sophisticated cyber security strategies – if your users can't spot a suspicious link or a fraudulent email, your defenses are likely to be compromised.

--

Composite Score

8.4

CX Score

+92

Emotional Footprint

89%

Likeliness to Recommend

1

Reviews

Kratikal Tech Pvt Ltd

ThreatCop

ThreatCop lets you virtually attack your infrastructure to assess the real-time threat posture of an organization from the people's point of view & provide insights.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

All Research

How Will Work From Home Change Vulnerability and Patch Management for Businesses in the Future?
July 10, 2020

COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.

Author: Isaac Kinsella (Info-Tech)

Kenna Security Offers Vulnerability Management Options: Kenna.VM & Kenna.VI
May 27, 2020

Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.

Author: Isaac Kinsella (Info-Tech)

Rapid7 Penetration Tests Show That Businesses Are Getting Better at Network Security
May 11, 2020

We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.

Author: Isaac Kinsella (Info-Tech)

IBM Zero-Day Vulnerabilities Leave Enterprises Open to Remote Execution Attacks
April 30, 2020

Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.

Author: Isaac Kinsella (Info-Tech)

Will New IoT Security Frameworks Push Compliance Obligations to the Forefront of Security Discussions?
April 30, 2020

The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.

Author: Isaac Kinsella (Info-Tech)

Qualys VMDR Is Now Live: Increasing Security Threats Requires Strong Vulnerability Management Software
April 23, 2020

Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is now publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.

Author: Isaac Kinsella (Info-Tech)

Windows 7 End-of-Life Troubles Continue: ESUs Don’t Apply to Enterprises That Purchased Licences
March 17, 2020

Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.

Author: Isaac Kinsella (Info-Tech)

Qualys Unveils Its New Vulnerability Management, Detection, and Response Matrix
March 17, 2020

Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.

Author: Isaac Kinsella (Info-Tech)

Microsoft Unveils Tamper Support for Windows 10 Defender Advanced Threat Protection
March 16, 2020

Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.

Author: Isaac Kinsella (Info-Tech)

Qualys Discovers Critical Flaw With OpenBSD Mail Server, Multiple Programs Vulnerable
March 11, 2020

Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD Mail server used in conjunction with the OpenBSD operating system. This flaw allows for an attacker to execute arbitrary code with command privileges.

Author: Isaac Kinsella (Info-Tech)

United Nations Faces Cyber-Espionage; Failure to Patch Causes Breach
March 03, 2020

A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.

Author: Isaac Kinsella (Info-Tech)

Microsoft Troubles Continue; Zero-Day Vulnerability Places Windows Users at Risk
February 24, 2020

Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE).

Author: Isaac Kinsella (Info-Tech)

Windows 7 Reaches End of Life; Are You About to Pay the Price?
February 24, 2020

Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020.

Author: Isaac Kinsella (Info-Tech)

Citrix Systems Remain Vulnerable Despite Patching Attempts
February 04, 2020

A Citrix vulnerability first discovered on December 17, 2019 is being continually exploited by ransomware attackers despite patching attempts by Citrix.

Author: Isaac Kinsella (Info-Tech)

Project Zero Extends Its Vulnerability Disclosure Agreement to 90 Days, Changes to Follow
February 04, 2020

Project Zero is changing its vulnerability disclosure policy to give software developers more time to patch vulnerabilities. The policy is now shifted to a stringent 90-day policy.

Author: Isaac Kinsella (Info-Tech)

Bishop Fox Discovers Eight Vulnerabilities in ConnectWise: Patching a Managed Service Provider
January 30, 2020

Cybersecurity firm Bishop Fox identified eight vulnerabilities in ConnectWise’s remote control and remote access software.

Author: Isaac Kinsella (Info-Tech)

Tenable Chosen as the Successor for BeyondTrust’s Vulnerability Management Suite; BeyondTrust Steps Aside
January 30, 2020

Announced on December 31, 2019, BeyondTrust named Tenable as the successor to its Vulnerability Management suite.

Author: Isaac Kinsella (Info-Tech)

Department of Defense Seeks Improved Patch Management Tech: Why You Should Care
January 30, 2020

On January 15, 2020, the Department of Defense (DoD) issued an open call to vendors to fulfill a contract to help improve their technology and inventory management.

Author: Isaac Kinsella (Info-Tech)

Windows 10 Security Flaw Discovered; Millions of Devices at Risk
January 28, 2020

On January 14, Microsoft issued a statement acknowledging a crucial security flaw within its Windows 10 operating systems: a failure in the Windows 10 CryptoAPI service that affects both Windows 10 and Windows Server Update systems.

Author: Isaac Kinsella (Info-Tech)

Cisco Suffers Security Flaw With Zoom Interoperability
December 19, 2019

Cisco is beginning to lose patience with its Zoom interoperability after another Zoom security risk: access for the Zoom Connector for Cisco hosted on zoom.us did not require authentication, allowing external users to join a Zoom meeting without password credentials.

Author: Thomas Randall (Info-Tech)

KnowBe4 Completes the FedRAMP Authorization Process
November 05, 2019

On October 30, 2019, KnowBe4, a leader in the end-user security training space, was awarded Federal Risk and Authorization Management Program (FedRAMP) approval from the US federal government.

Author: Ian Mulholland (Info-Tech)

National Cyber Security Alliance Names Habitu8 As Their Official Security Awareness Video Training Partner
October 03, 2019

For 2019’s National Cybersecurity Awareness Month (NCSAM), the National Cyber Security Alliance (NCSA) has named the security awareness and training vendor Habitu8 its official partner.

Author: Ian Mulholland (Info-Tech)

KnowBe4 Releases Machine Learning Module for PhishER Platform
October 03, 2019

Security awareness and training vendor KnowBe4 has added a machine learning module called PhishML to its existing SOAR platform, PhishER.

Author: Ian Mulholland (Info-Tech)

Trend Micro Partners With NINJIO, InfoSec, GoldPhish, and NextTech Security to Offer Free Training Content
August 24, 2019

Trend Micro has added training content to its free Phish Insight tool, originally a simple, cloud-based phishing platform. The new training content comes from partnerships with NINJIO, InfoSec, GoldPhish, and NextTech Security.

Author: Ian Mulholland (Info-Tech)

Prebuilt, Layered Campaign Kits Make Security Awareness and Training a Low-Effort, High-Value Initiative
August 23, 2019

Infosec now offers campaign kits through its Infosec IQ product: prebuilt campaigns consisting of layered training materials and implementation recommendations. While many vendors are willing to provide guidance on how you should build and deliver your campaign, these kits from Infosec Institute already have that guidance built in.

Author: Ian Mulholland (Info-Tech)

Avaya Releases New Firmware to Resolve Vulnerability in VoIP Phones
August 21, 2019

Avaya’s newly released firmware addresses a vulnerability that has survived for 10 years in VoIP phone models configured with H.323 signaling.

Author: Thomas Randall (Info-Tech)

Hacker Compromises Data of 106 Million Capital One Customers
August 14, 2019

A hacker has compromised 106 million Capital One customers after a data breach. But the real story might be less to do with cloud security itself and more to do with Capital One’s own security engine for cloud services.

Author: Thomas Randall (Info-Tech)

Load More