Security awareness is important for end-users to understand and practice. The best security tools are rendered ineffective when end-users are unaware of security risks and proceed to blindly trust seeming innocuous emails and web links.
The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.
These include:
The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.
These include:
We're here to help you with understanding our reports and the data inside to help you make decisions.
Unlock the customizable Data Quadrant and choose the data to create the quadrant that's right for you
See the most recent winners of our SoftwareReviews Data Quadrant Awards. View our Gold Medalists and compare top vendors using our free downloadable reports.
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
Infosec IQ security awareness and training empowers your employees with the knowledge and skills to stay cybersecure at work and home. With over 2,000 awareness and training resources, you’ll have everything you need to prepare employees to detect, report and defeat cybercrime. Every aspect of the platform can be customized and personalized to match your organization’s culture and employees’ learning styles.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Security awareness training is an education process that teaches employees about cybersecurity, IT best practices, and even regulatory compliance. A comprehensive security awareness program should train employees about a variety of IT, security, and other business-related topics. These may include how to avoid phishing and other types of social engineering cyberattacks, spot potential malware behaviors, report possible security threats, follow company IT policies and best practices, and adhere to any applicable data privacy and compliance regulations (GDPR, PCI DSS, HIPAA, etc.)
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
KnowBe4 is the world's most popular integrated platform for awareness training combined with simulated phishing attacks. We help thousands of organizations to manage the continuing problem of social engineering.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Increasing cyber security awareness among your users will undoubtedly help to prevent more cyber security threats. Email-borne threats have always targeted human beings, duping them into clicking on links, opening attachments or providing passwords and personal information that can be used to penetrate cyber security defenses. It doesn't matter how much you've invested in the latest cyber security tools or the most sophisticated cyber security strategies – if your users can't spot a suspicious link or a fraudulent email, your defenses are likely to be compromised.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
With our comprehensive, end-to-end suite of security awareness solutions at your disposal, you can address threats completely, effectively and in a way that makes the most sense for your organization and its culture.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Easily manage your cyber awareness training program. The SANS Advanced Cybersecurity Learning Platform makes it easy to track results, be compliant, and change behavior.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Named an Inc. 5000 company for the 5th year in a row, Inspired eLearning delivers the highest quality educational products to transform corporate culture, nurture and enhance workforce skills and deliver maximum ROI for the corporate education budget. Inspired eLearning offers Security Awareness and Compliance solutions that include Security First Solutions, CyQ Cybersecurity Assessment tool, PhishProof phishing assessment software, content integration and a fully hosted web-based eLearning course delivery and tracking system using the iLMS (Inspired Learning Management System).
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Kaspersky Lab has launched a family of computer-based training products that utilize the latest learning techniques and address all levels of the organizational structure. Our integral approach consists of modern learning techniques ensuring all employees are trained up to their best needed level. Gamification, learning-by-doing and repeated reinforcement help to build strong skills retention and prevent obliteration. Each training is engaging and highlighting the personal importance of cybersecurity.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
REQUEST A DEMO Overview Engage your end users and arm them against real-world cyber attacks, using personalized cybersecurity training based on our industry-leading threat intelligence. Instead of wasting time with one-size-fits-all content, we help you deliver the right cybersecurity awareness training to the right people at the right time.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
MediaPro helps you plan and deliver an adaptive awareness program where you analyze your employees’ behavior, target unique training and reinforcement to employees based on their risk profile, and measure your progress along the way with simulated phishing and knowledge assessments.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Phishing is big business. Attacks have shown record growth in recent years, and a solid security awareness program is an integral part of any defense-in-depth strategy. Sophos Phish Threat educates and tests your end users through automated attack simulations, quality security awareness training, and actionable reporting metrics.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
With more than 90% of breaches attributed to successful phishing campaigns, it’s easy for organizations to point to the everyday employee as the root cause – as the problem to be solved. We disagree. CofenseTM believes employees – humans – should be empowered as part of the solution to help strengthen defenses and gather real-time attack intelligence to stop attacks in progress.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Provides organizations with dynamic security awareness training materials on an international scale since 1991. SAC creates cyber security awareness training programs (including compliance standards such as HIPAA and PCI-DSS) for companies of all sizes.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
NINJIO is a “Content First” Company. Over 200 hours are spent on each Hollywood story-based episode, to deliver the highest quality production on the market today. Most Awareness providers are “Phishing First” companies who have viewed Awareness content as an after-thought. Creating engaging story-based content on a frequent basis keeps cyber security awareness “Top of Mind.” Top of Mind equals retention. Retention changes behavior such that when a user is hit with a threat, they remember how to react. The outcome for your organization- FEWER BREACHES.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Employees are the last line of defense. This is why education, the testing of know-how and the active involvement of employees in your cyber defense are essential components of your IT Strategy. LUCY is SOFTWARE that allows companies to take on the role of an attacker and uncover and close weaknesses in both the technical infrastructure and the staff.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
CybSafe is the world’s first intelligent cyber security and data analytics platform that enables you to quantify your human cyber risk and resilience, whilst measuring whether your awareness activities (such as training and phishing simulations) are actually working. CybSafe does this in a way both information security professionals and executives can understand and provides data-driven insight that can be used to optimise awareness, behaviour and culture programs. CybSafe is cyber security technology that fuses psychology and behavioural science with artificial intelligence and data science.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
ControlScan’s Security Awareness Training Service delivers courses over the web so that employees can view them anytime and anywhere. You get to choose the courses available to them, which can include general instruction in security as well as specific courses in areas like PCI and HIPAA-HITECH. The ControlScan Security Awareness Training online program can be implemented in days, provides you with a critical security measure, and enables you to demonstrate compliance with training requirements that apply to your business.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Employees are increasingly the target of cyber criminals. That is why we help your people improve their cyber skills. With BeOne Development's security awareness solutions, employees can better withstand the current cyber threats. We increase awareness for information security and improve risk-aware behavior. This way we complete your cyber security policy.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Fight phishing and other potentially devastating attacks that can slip through security gateways. These evolving and sophisticated attack techniques, designed to fool employees, put your business at risk for data loss, financial fraud, and embarrassing exposure. Transform employees into a layer of defense with Barracuda PhishLine.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
ThreatCop lets you virtually attack your infrastructure to assess the real-time threat posture of an organization from the people's point of view & provide insights.
Composite Score
CX Score
Emotional Footprint
Likeliness to Recommend
Reviews
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.
We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.
Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.
The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.
Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is now publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.
Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.
Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.
Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.
Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD Mail server used in conjunction with the OpenBSD operating system. This flaw allows for an attacker to execute arbitrary code with command privileges.
A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.
Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE).
Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020.
A Citrix vulnerability first discovered on December 17, 2019 is being continually exploited by ransomware attackers despite patching attempts by Citrix.
Project Zero is changing its vulnerability disclosure policy to give software developers more time to patch vulnerabilities. The policy is now shifted to a stringent 90-day policy.
Cybersecurity firm Bishop Fox identified eight vulnerabilities in ConnectWise’s remote control and remote access software.
Announced on December 31, 2019, BeyondTrust named Tenable as the successor to its Vulnerability Management suite.
On January 15, 2020, the Department of Defense (DoD) issued an open call to vendors to fulfill a contract to help improve their technology and inventory management.
On January 14, Microsoft issued a statement acknowledging a crucial security flaw within its Windows 10 operating systems: a failure in the Windows 10 CryptoAPI service that affects both Windows 10 and Windows Server Update systems.
Cisco is beginning to lose patience with its Zoom interoperability after another Zoom security risk: access for the Zoom Connector for Cisco hosted on zoom.us did not require authentication, allowing external users to join a Zoom meeting without password credentials.
On October 30, 2019, KnowBe4, a leader in the end-user security training space, was awarded Federal Risk and Authorization Management Program (FedRAMP) approval from the US federal government.
For 2019’s National Cybersecurity Awareness Month (NCSAM), the National Cyber Security Alliance (NCSA) has named the security awareness and training vendor Habitu8 its official partner.
Security awareness and training vendor KnowBe4 has added a machine learning module called PhishML to its existing SOAR platform, PhishER.