Overview
What is KnowBe4 PhishER/PhishER Plus?
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and…
KnowBe4 PhishER review June 2024
KnowBe4 PhishER is a great addition to Current KnowBe4 customer and M365 exchange customer looking to simplify reporting and hunting.
Best Email Reporting and Management Tool
A tool that compliments your mail defenses
PHISHER
Great security products.
Great Security Awareness training tool
KnowBe4 PhishER is a great service
Phishing Hero!
PhishER is easy to use for all staff and great protection.
KnowBe4 PhishER Saves Precious Staff Time
The #1 Product to Improve Security Awareness
Quick and easy to implement with large returns in value
KnowBe4 PhishER/PhishER Plus Is The Best
How KnowBe4 PhishER/PhishER Plus Differs From Its Competitors
Time Savings
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
Time Savings
PhishER Capabilities
Time Savings
Time Savings
PhishER Capabilities
Time Savings
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
Time Savings
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Time Savings
PhishER Capabilities
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Popular Features
- Machine Learning to Prevent Incidents (64)9.191%
- Live Response for Rapid Remediation (65)8.888%
- Centralized Dashboard (75)8.787%
- Company-wide Incident Reporting (60)8.585%
Reviewer Pros & Cons
Pricing
3001-5000 Monthly Pricing Per Seat
$0.75
2001-3000 Monthly Pricing Per Seat
$0.85
1001-2000 Monthly Pricing Per Seat
$1.00
Entry-level set up fee?
- Setup fee optional
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Features
Incident Response Platforms
Incident response (IR) platforms guide countermeasures against a security breach and deploy preplanned, automated threat responses
- 8.5Company-wide Incident Reporting(60) Ratings
Built-in enterprise-level ticketing system to leverage the knowledge of the entire workforce, not just the security team
- 7.6Integration with Other Security Systems(58) Ratings
Pre-built integration with other security systems like SIEM and threat intelligence
- 8.7Centralized Dashboard(75) Ratings
A central dashboard provides analysts with a clear look at the most important data
- 9.1Machine Learning to Prevent Incidents(64) Ratings
Incident prevention powered by machine learning with no human intervention
- 8.8Live Response for Rapid Remediation(65) Ratings
Live remediation response allows incident responders to initiate remediation from anywhere over secure connection
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is KnowBe4 PhishER/PhishER Plus?
PhishER is a light-weight SOAR platform that automatically analyzes and prioritizes reported email messages to identify and quarantine malicious emails across an organization. PhishER helps InfoSec and Security Operations teams cut through the inbox noise and respond to the most dangerous threats more quickly.
PhishER is available as a stand-alone product or as an optional add-on for KnowBe4 customers that want to automatically prioritize and manage potentially malicious messages that were reported through the KnowBe4 Phish Alert Button. PhishER Plus is an upgraded subscription level that includes all of the features from PhishER with additional enhancements and AI-validated crowdsourced data. PhishER Plus was developed to help supercharge an organization’s email security defenses. It does this by automatically blocking phishing attacks that mail filters miss.
KnowBe4 PhishER/PhishER Plus Features
Incident Response Platforms Features
- Supported: Company-wide Incident Reporting
- Supported: Integration with Other Security Systems
- Supported: Centralized Dashboard
- Supported: Machine Learning to Prevent Incidents
- Supported: Live Response for Rapid Remediation
Additional Features
- Supported: Automatic Message Prioritization
KnowBe4 PhishER/PhishER Plus Screenshots
KnowBe4 PhishER/PhishER Plus Videos
KnowBe4 PhishER/PhishER Plus Integrations
KnowBe4 PhishER/PhishER Plus Competitors
KnowBe4 PhishER/PhishER Plus Technical Details
Deployment Types | Software as a Service (SaaS), Cloud, or Web-Based |
---|---|
Operating Systems | Unspecified |
Mobile Application | No |
Supported Countries | Global |
KnowBe4 PhishER/PhishER Plus Downloadables
Frequently Asked Questions
Comparisons
Compare with
Reviews and Ratings
(176)Attribute Ratings
Reviews
(1-25 of 47)KnowBe4 PhishER review June 2024
- Identifying the type of email, Phish, Spam, etc.
- Ability to block senders email
- scan is not always completed on initial review and we have to do a manual scan normally on Documents
- Total Virus subscription could have more scans seeing that we have to do manual ones in item above
- PAB for Mac Mail and other Mail clients
- Reporting of Phishing emails
- Alerting end users of simulated phishing training emails
- Integrating Managed Blocklist to M365 Exchange
- Hunting for and removing found threats
- PhishRIP automation is a bit confusing to get setup with the automation.
- We had some problems with M365 syncing blocklists initially.
- Would be nice to be able to report spam vs phishing like the Microsoft report button.
Great security products.
- Simulated phishing emails.
- Training campaigns.
- Categorizing threat emails.
- A save draft feature would be nice in the training campaigns. I had to restart the same campaign creation process a few times because I forgot to set up several things.
KnowBe4 PhishER is a great service
- Allows users to notify admins of a phishing email
- Helps us train our users on proper email usage
- Gives us information on what kind of emails are being reported
- KnowBe4 PhishER could have a simpler login process
- Email notifications would be nice
- A phish confidence level on the emails reported could be useful
- Flag Suspicious Emails
- Prevent attacks via Emails
- Train Staff on what to look for in an attack.
- Does not work on Apple Mail app on Iphone
- Loses Phishing activation code randomly
- Could use ability to flag attacks via google drive/doc/etc
KnowBe4 PhishER Saves Precious Staff Time
- Analyzes questionable messages and takes action based on the results
- Greatly reduces the amount of manual interaction required
- Automatically pulls malicious messages from everyone's inbox
- Error reporting needs improvement, for example Admin should be notified if a PhishRIP process fails.
- Phishing threat detection and response
- Centralized management
- Employee training
- Integration with other tools
- Mobile support
- Improved reporting and analytics
PhishER: a time saver and a threat preventer!
- Scans submitted messages for threat level
- Returns clean emails to users
- Learns and adapts as more messages are submitted
- User interface is highly techincal in some areas
- Actions for phishRIP are not the most intuitive
- Usability requires higher levels of training
KnowBE4 PhishER Review.
- Categorization of suspect emails to Benign, SPAM and Threat.
- Integration to VirusTotal, Ticketing platform.
- Smart Dashboards.
- Canned auto - response email to end-users.
- AI/ML algorithm could be improved to reduce false positives and increase auto-resolved suspect emails.
KnowBe4 PhishER - security made simple
- Automatically evaluates reported emails
- Once it determines a threat, it pulls the email from all other mailboxes and quarantines them
- One button block list can be set up for repeat senders
- If an email is determined to be clean, a button to notify the reporter that it was clean and that they could find it in the deleted folder, with reference to the email would be nice.
KnowBe4 PhishER works for me!
- User Interface is easy to use.
- Saves time by classifying emails as malicious or not.
- In PhishRip portion would like to see more details regarding the message that is being ripped.
Happy with PhishER
- Automates phish report response
- Highlights email header information
- Saves time for our team.
- The rule setup could be easier to follow
- Make it so you don't have to click back and forth with manually looking at emails
- Make the email quarantine longer than 30 days.
KnowBe4 PhishER - an easy and robust application
- Customer Support; especially when we brough the application on board. The attention to detail, instruction, and help KnowBe4 team gave us is quite good!
- A wide variety of trainings, over a multitude of topics.
- Phishing Tests; "set it and forget" with metrics!
- For start-up biotech/pharmaceuticals, I think KnowBe4 PhishER is the perfect addition!
- Simple, easy to use. Minimal training required.
- Helps you focus on the most important vs. reviewing thousands of emails.
- Doesn't require a full-time resource.
- Ability to integrate/share data with other SIEM solutions.
- Reporting Emails
- Blocking Domains and Senders
- Virus Total Built In
- Discussion with other Admins
- Ability to discuss with User (Not Just Admins)
- Ability to Block Senders and Domains for Longer than 60 days
- Ability to view information such as IP Address, Estimated Location at a glance
PhishER - Don't Phone Home Without It.
- The machine based learning does a great job of correctly identifying safe vs. malicious emails.
- PhishRIP does an excellent job of finding and quarantining similar emails from other users accounts.
- The reports give us a real time insight into trends and campaigns launched by bad actors.
- Somtimes the PAB (or Phish Hook) has to have its permissions revalidated. This is a quick fix, but takes some knowledge.
- I honestly can't think of any other shortcomings at this time.
- See #1
- automation tasks for known false positives
- providing information for phishing email determination
- informative dashboard
- setting up automated tasks
- rooms is not really understood
- customizable reports
KnowBe4 PhishER - Rapid and efficiency phishing response
With KnowBe4 PhishER, the process is now highly automated, and we can remove phishing emails from dozens of inboxes in just a few clicks.
Our users appreciate it because they receive much quicker feedback on clean emails.
IT appreciates it because it makes our job a breeze and lets us focus on the important elements of incident response.
Management appreciates it because it helps keep our institution safer and gives them excellent reporting metrics.
- Quick phishing email review
- Automated analysis and tagging
- Immediate quarantine and removal
- Quicker / more efficient PhishRIP
- Improved "Find Similar Messages" filtering options
- Improved notification options
You've got to get KnowBe4 PhishER
- Blocks emails based on sender, attachments and URLs
- Pulls known phishing emails
- Converts phishing emails to training emails
- Integrates with Outlook
- Preview attachments when blocking them
- Send emails externally when using actions
- More powerful PhishRIP
PhishER, will probably save your Admin time.
- Find Threat emails
- Auto respond to clean emails the end user needs.
- Lowers the number of critical emails admins need to work with.
- Removes Threat emails directly from the end users mailbox.
- Query isn't granular enough to pull emails from mailboxes for spam that have very little information. Like no subject, no body, no attachment. It requires at least 2 items to query.
- It needs an additional Virus Total account. Knowbe4 should build that into the back end and just charge accordingly for the enterprise connection. Felt blindsided to the additional cost needed later.
- Some of the rules and actions are more complicated to setup than it should be. Which could be addressed for parts of that with a simplified interface and more intuitive for the person to setup. Someone that works with the product every day probably understands it, but as much the setup is setup and forget you need to relearn how that might work the next time you need to make changes. It could be less programmer like and more user friendly.
Love KnowBe4 and PhishER!
- Lets the user know that the message has been sent to KnowBe4 and IT
- Gives me a score on what they think the message is (clean, spam, threat)
- Pulls message out of others inboxes
- Might be nice to give users scores on how accurate they are with using it
- It would be nice if it recommended certain messages if someone didn't check it
A great help to skeleton crew IT departments!
- automated message header decoding
- remote removal/deletion of phishing mails from entire mail environment
- fast and easy false positive/clean identification
- easier customization of automation rules
- better end-user feedback to message submitter of submission status
Anything less than 10 users submitting messages to PhishER, and it's probably not worth the cost of the subscription in comparison to 1:1 communication.
If you have an email system that it doesn't tie well with, it'll be more difficult to get the really really nice integrations working in a way that truly saves time/effort/money.
PhishER saves time and reduces risk
- Automates handling of reported phishing emails
- Allows admins to check what's been done
- Allows admins to manually handle emails the AI isn't sure about
- The workflow for manually handling phish removal from all mailboxes is a bit "clicky"
- Web UI can be a little slow
- PhishER Plus (the shared blocklist) doesn't support GMail, only 365
Manual handling of the remaining reported phishing emails is a bit slow and "clicky".
Quick Thoughts
- Clean Users Inbox from threats
- Alerts me in a timely manner
- Scans
- Simply use even more
- Continue follow up training
Catch Fake Emails with PhishER!
We've got great buy-in from most management regarding issues like this as well. The best part of the software is being able to run queries on submitted emails and then quarantining and deleting said emails.
- Allows the removal of Malicious Emails
- Groups similar emails into categories for email reporting
- Also allows you to see who has submitted the most phishing/spam/clean emails within reports.
- GUI Based search rules, the current way to create rules for specific the current way to create a rule is using "yara" conditions, which for someone that is not familiar with them can be cumbersome.
- A wider way to find similar messages. Currently you have to choose from 2 of 5 options, and you don't always find malicious emails when using just subject/sender (when the sender is clearly the same for a targeted phishing campaign).
- SOMETIMES the speed with which a submitted email hit's the PhishER Inbox can be longer than I would like (closer to an hour) and others it is within seconds.