Compare and Evaluate

Security Awareness & Training

Security awareness is important for end-users to understand and practice. The best security tools are rendered ineffective when end-users are unaware of security risks and proceed to blindly trust seeming innocuous emails and web links.​

Data Quadrant report cover

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

These include:

  • User Satisfaction Rankings
  • Business Value Scores
  • Vendor Capability Comparisons
  • Product Feature Evaluations
Emotional Footprint report cover

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

These include:

  • Strategy and Innovation
  • Service Experience
  • Conflict Resolution
  • Product Impact
  • Negotiation and Contract

Still need assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Powered by Info-Tech Research Group
Powered by Info-Tech Research Group

Next Award: February 2021

Latest Award Icon
Security Awareness & Training Emotional Footprint Awards

Write a review to help crown the next winner in Security Awareness & Training, then follow us on LinkedIn to get notified about the results. For every approved review you will receive some compensation for your time and effort.

Latest Award: August 2020

Latest Award Icon

See the most recent winners of our SoftwareReviews Data Quadrant Awards. View our Gold Medalists and compare top vendors using our free downloadable reports.

Latest Research

5
Aug

Author: Isaac Kinsella (Info-Tech) &
Jimmy Tom (Info-Tech)

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Security Awareness & Training Products

Filter by:

Data QuadrantReport

A thorough evaluation and ranking of all software to compare software across every dimension.

Data Quadrant Report report

Emotional FootprintReport

A detailed and unique report that captures a powerful indicator of overall user feeling toward the vendor and product.

Emotional Footprint Report report
Badge Winner

Infosec

Infosec IQ

Infosec IQ security awareness and training empowers your employees with the knowledge and skills to stay cybersecure at work and home. With over 2,000 awareness and training resources, you’ll have everything you need to prepare employees to detect, report and defeat cybercrime. Every aspect of the platform can be customized and personalized to match your organization’s culture and employees’ learning styles.

8.9

Composite Score

9.3

CX Score

+95

Emotional Footprint

90%

Likeliness to Recommend

22

Reviews

Badge Winner

Webroot Software

Webroot Security Awareness Training

Security awareness training is an education process that teaches employees about cybersecurity, IT best practices, and even regulatory compliance. A comprehensive security awareness program should train employees about a variety of IT, security, and other business-related topics. These may include how to avoid phishing and other types of social engineering cyberattacks, spot potential malware behaviors, report possible security threats, follow company IT policies and best practices, and adhere to any applicable data privacy and compliance regulations (GDPR, PCI DSS, HIPAA, etc.)

8.4

Composite Score

8.6

CX Score

+90

Emotional Footprint

88%

Likeliness to Recommend

25

Reviews

Badge Winner

KnowBe4

KnowBe4 Security Awareness Training

KnowBe4 is the world's most popular integrated platform for awareness training combined with simulated phishing attacks. We help thousands of organizations to manage the continuing problem of social engineering.

8.3

Composite Score

8.6

CX Score

+88

Emotional Footprint

85%

Likeliness to Recommend

29

Reviews

Badge Winner

Mimecast Services

Mimecast Awareness Training

Increasing cyber security awareness among your users will undoubtedly help to prevent more cyber security threats. Email-borne threats have always targeted human beings, duping them into clicking on links, opening attachments or providing passwords and personal information that can be used to penetrate cyber security defenses. It doesn't matter how much you've invested in the latest cyber security tools or the most sophisticated cyber security strategies – if your users can't spot a suspicious link or a fraudulent email, your defenses are likely to be compromised.

7.9

Composite Score

8.0

CX Score

+85

Emotional Footprint

81%

Likeliness to Recommend

19

Reviews

Terranova Security

Terranova Security Awareness Training

With our comprehensive, end-to-end suite of security awareness solutions at your disposal, you can address threats completely, effectively and in a way that makes the most sense for your organization and its culture.

7.8

Composite Score

7.8

CX Score

+78

Emotional Footprint

76%

Likeliness to Recommend

14

Reviews

SANS Institute

SANS EndUser Training

Easily manage your cyber awareness training program. The SANS Advanced Cybersecurity Learning Platform makes it easy to track results, be compliant, and change behavior.

7.7

Composite Score

8.2

CX Score

+89

Emotional Footprint

71%

Likeliness to Recommend

24

Reviews

Inspired eLearning

Inspired eLearning Security Awareness

Named an Inc. 5000 company for the 5th year in a row, Inspired eLearning delivers the highest quality educational products to transform corporate culture, nurture and enhance workforce skills and deliver maximum ROI for the corporate education budget. Inspired eLearning offers Security Awareness and Compliance solutions that include Security First Solutions, CyQ Cybersecurity Assessment tool, PhishProof phishing assessment software, content integration and a fully hosted web-based eLearning course delivery and tracking system using the iLMS (Inspired Learning Management System).

7.7

Composite Score

8.3

CX Score

+86

Emotional Footprint

77%

Likeliness to Recommend

15

Reviews

Kaspersky

Kaspersky Security Awareness

Kaspersky Lab has launched a family of computer-based training products that utilize the latest learning techniques and address all levels of the organizational structure. Our integral approach consists of modern learning techniques ensuring all employees are trained up to their best needed level. Gamification, learning-by-doing and repeated reinforcement help to build strong skills retention and prevent obliteration. Each training is engaging and highlighting the personal importance of cybersecurity.

7.5

Composite Score

7.4

CX Score

+70

Emotional Footprint

78%

Likeliness to Recommend

15

Reviews

Proofpoint

Proofpoint Security Awareness Training

REQUEST A DEMO Overview Engage your end users and arm them against real-world cyber attacks, using personalized cybersecurity training based on our industry-leading threat intelligence. Instead of wasting time with one-size-fits-all content, we help you deliver the right cybersecurity awareness training to the right people at the right time.

7.3

Composite Score

7.2

CX Score

+68

Emotional Footprint

72%

Likeliness to Recommend

23

Reviews

MediaPro

MediaPro

MediaPro helps you plan and deliver an adaptive awareness program where you analyze your employees’ behavior, target unique training and reinforcement to employees based on their risk profile, and measure your progress along the way with simulated phishing and knowledge assessments.

8.5

Composite Score

9.2

CX Score

+99

Emotional Footprint

85%

Likeliness to Recommend

5

Reviews

Sophos

Sophos Phish Threat

Phishing is big business. Attacks have shown record growth in recent years, and a solid security awareness program is an integral part of any defense-in-depth strategy. Sophos Phish Threat educates and tests your end users through automated attack simulations, quality security awareness training, and actionable reporting metrics.

7.5

Composite Score

6.9

CX Score

+58

Emotional Footprint

76%

Likeliness to Recommend

5

Reviews

Cofense Inc

Cofense

With more than 90% of breaches attributed to successful phishing campaigns, it’s easy for organizations to point to the everyday employee as the root cause – as the problem to be solved. We disagree. CofenseTM believes employees – humans – should be empowered as part of the solution to help strengthen defenses and gather real-time attack intelligence to stop attacks in progress.

--

Composite Score

--

CX Score

+99

Emotional Footprint

85%

Likeliness to Recommend

3

Reviews

The Security Awareness Company

The Security Awareness Company

Provides organizations with dynamic security awareness training materials on an international scale since 1991. SAC creates cyber security awareness training programs (including compliance standards such as HIPAA and PCI-DSS) for companies of all sizes.

--

Composite Score

--

CX Score

+100

Emotional Footprint

78%

Likeliness to Recommend

1

Reviews

Ninjio

Ninjio Aware

NINJIO is a “Content First” Company. Over 200 hours are spent on each Hollywood story-based episode, to deliver the highest quality production on the market today. Most Awareness providers are “Phishing First” companies who have viewed Awareness content as an after-thought. Creating engaging story-based content on a frequent basis keeps cyber security awareness “Top of Mind.” Top of Mind equals retention. Retention changes behavior such that when a user is hit with a threat, they remember how to react. The outcome for your organization- FEWER BREACHES.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Lucy Security

LUCY

Employees are the last line of defense. This is why education, the testing of know-how and the active involvement of employees in your cyber defense are essential components of your IT Strategy. LUCY is SOFTWARE that allows companies to take on the role of an attacker and uncover and close weaknesses in both the technical infrastructure and the staff.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

CybSafe

CybSafe Security Awareness Training

CybSafe is the world’s first intelligent cyber security and data analytics platform that enables you to quantify your human cyber risk and resilience, whilst measuring whether your awareness activities (such as training and phishing simulations) are actually working. CybSafe does this in a way both information security professionals and executives can understand and provides data-driven insight that can be used to optimise awareness, behaviour and culture programs. CybSafe is cyber security technology that fuses psychology and behavioural science with artificial intelligence and data science.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

ControlScan Inc

ControlScan Security Awareness

ControlScan’s Security Awareness Training Service delivers courses over the web so that employees can view them anytime and anywhere. You get to choose the courses available to them, which can include general instruction in security as well as specific courses in areas like PCI and HIPAA-HITECH. The ControlScan Security Awareness Training online program can be implemented in days, provides you with a critical security measure, and enables you to demonstrate compliance with training requirements that apply to your business.

--

Composite Score

--

CX Score

+54

Emotional Footprint

0%

Likeliness to Recommend

1

Reviews

BeOne Development Group

BeOne Security Awareness

Employees are increasingly the target of cyber criminals. That is why we help your people improve their cyber skills. With BeOne Development's security awareness solutions, employees can better withstand the current cyber threats. We increase awareness for information security and improve risk-aware behavior. This way we complete your cyber security policy.

--

Composite Score

8.8

CX Score

+100

Emotional Footprint

100%

Likeliness to Recommend

1

Reviews

Barracuda Networks, Inc.

Barracuda PhishLine

Fight phishing and other potentially devastating attacks that can slip through security gateways. These evolving and sophisticated attack techniques, designed to fool employees, put your business at risk for data loss, financial fraud, and embarrassing exposure. Transform employees into a layer of defense with Barracuda PhishLine.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Kratikal Tech Pvt Ltd

ThreatCop

ThreatCop lets you virtually attack your infrastructure to assess the real-time threat posture of an organization from the people's point of view & provide insights.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

All Research

Latest Research

5
Aug

Author: Isaac Kinsella (Info-Tech) &
Jimmy Tom (Info-Tech)

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Latest Research

23
Jul

Author: Isaac Kinsella (Info-Tech)

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.

Latest Research

20
Jul

Author: Isaac Kinsella (Info-Tech)

Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.

Latest Research

15
Jul

Author: Isaac Kinsella (Info-Tech)

On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.

Latest Research

10
Jul

Author: Isaac Kinsella (Info-Tech)

COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.

Latest Research

27
May

Author: Isaac Kinsella (Info-Tech)

Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.

Latest Research

11
May

Author: Isaac Kinsella (Info-Tech)

We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.

Latest Research

30
Apr

Author: Isaac Kinsella (Info-Tech)

Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.

Latest Research

30
Apr

Author: Isaac Kinsella (Info-Tech)

The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.

Latest Research

23
Apr

Author: Isaac Kinsella (Info-Tech)

Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is now publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.

Latest Research

17
Mar

Author: Isaac Kinsella (Info-Tech)

Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.

Latest Research

17
Mar

Author: Isaac Kinsella (Info-Tech)

Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.

Latest Research

16
Mar

Author: Isaac Kinsella (Info-Tech)

Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.

Latest Research

11
Mar

Author: Isaac Kinsella (Info-Tech)

Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD Mail server used in conjunction with the OpenBSD operating system. This flaw allows for an attacker to execute arbitrary code with command privileges.

Latest Research

3
Mar

Author: Isaac Kinsella (Info-Tech)

A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.

Latest Research

24
Feb

Author: Isaac Kinsella (Info-Tech)

Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE).

Latest Research

24
Feb

Author: Isaac Kinsella (Info-Tech)

Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020.

Latest Research

4
Feb

Author: Isaac Kinsella (Info-Tech)

A Citrix vulnerability first discovered on December 17, 2019 is being continually exploited by ransomware attackers despite patching attempts by Citrix.

Latest Research

4
Feb

Author: Isaac Kinsella (Info-Tech)

Project Zero is changing its vulnerability disclosure policy to give software developers more time to patch vulnerabilities. The policy is now shifted to a stringent 90-day policy.

Latest Research

30
Jan

Author: Isaac Kinsella (Info-Tech)

Cybersecurity firm Bishop Fox identified eight vulnerabilities in ConnectWise’s remote control and remote access software.

Latest Research

30
Jan

Author: Isaac Kinsella (Info-Tech)

Announced on December 31, 2019, BeyondTrust named Tenable as the successor to its Vulnerability Management suite.

Latest Research

30
Jan

Author: Isaac Kinsella (Info-Tech)

On January 15, 2020, the Department of Defense (DoD) issued an open call to vendors to fulfill a contract to help improve their technology and inventory management.

Latest Research

28
Jan

Author: Isaac Kinsella (Info-Tech)

On January 14, Microsoft issued a statement acknowledging a crucial security flaw within its Windows 10 operating systems: a failure in the Windows 10 CryptoAPI service that affects both Windows 10 and Windows Server Update systems.

Latest Research

19
Dec

Author: Thomas Randall (Info-Tech)

Cisco is beginning to lose patience with its Zoom interoperability after another Zoom security risk: access for the Zoom Connector for Cisco hosted on zoom.us did not require authentication, allowing external users to join a Zoom meeting without password credentials.

Latest Research

5
Nov

Author: Ian Mulholland (Info-Tech)

On October 30, 2019, KnowBe4, a leader in the end-user security training space, was awarded Federal Risk and Authorization Management Program (FedRAMP) approval from the US federal government.

Latest Research

3
Oct

Author: Ian Mulholland (Info-Tech)

For 2019’s National Cybersecurity Awareness Month (NCSAM), the National Cyber Security Alliance (NCSA) has named the security awareness and training vendor Habitu8 its official partner.

Latest Research

3
Oct

Author: Ian Mulholland (Info-Tech)

Security awareness and training vendor KnowBe4 has added a machine learning module called PhishML to its existing SOAR platform, PhishER.

Load More