My team and I use KnowBe4 primarily for security awareness training. The company assigns new training modules every few months, covering several topics such as phishing emails, safe web browsing, and other general security awareness training. More recently, we've received new modules related to the safe usage of AI tools and guidelines for preventing unintentional data breaches when interacting with AI systems; that is how we are using KnowBe4 in our company.

Besides security awareness, KnowBe4 gives me knowledge I didn't have before, such as the AI-related topics. Our work involves AI tools, and previously, my colleagues might have shared information that shouldn't be there in AI. With the training modules from KnowBe4, it raises our awareness about the information that could breach our company when using AI; I find that aspect positive about KnowBe4.

Most valuable for me are the interactiveness and format of KnowBe4. It has a realistic format; for example, when I'm taking the phishing simulations, the modules give me examples of the real phishing types that might be in my mailbox and how to deal with them. It's good for raising awareness of the threats, and I think it's easy to follow, even for non-technical staff. It is really effective for raising good habits regarding the threats.

The simulated phishing attacks feature has examples of several phishing attacks through email. It gives me four or more examples for each, such as asking for our details or having links leading to unverified websites. When I get emails similar to those, I know how to take action on the emails in my mailbox.

Regarding user behavior, I don't find KnowBe4's real-time insights and analytics very useful because I found it a bit repetitive. Also, if you've been using the platform for a while, their modules tend to be repetitive between the different modules.

I would prefer the aspect of product repetitiveness to be improved or optimized in the next releases of KnowBe4. The renewal of the modules needs to be updated simultaneously with new threats or new content as technology is evolving quickly. I think the UI needs improvement as it appears outdated for the current website for learning modules.

Negative

Before using KnowBe4, we had an academy website from our company, but later they started sending us KnowBe4 modules. Previously, training was just in PDF or videos, and then it changed to KnowBe4.

I started using KnowBe4 because the company assigned me to do it. I understand why the company switched from the previous technology to KnowBe4 because it forces us to really see, read, and understand the materials in the modules. The old system only provided materials in a read format, whereas KnowBe4 includes quizzes and an interactive way to understand the modules better.

I'm currently working with KnowBe4 Security Awareness Training. I've been receiving the links through my email from my company. KnowBe4 is accessed through the website.

The automated assignments have a good impact for me, and possibly my colleagues feel the same because the modules assigned to us are mostly related to our work. I'm not sure if they are assigned based on departments or roles, but the modules we receive are closely related to our work.

I don't have any information about the pricing and licensing of KnowBe4 as I'm just the end user. I haven't needed to use the documentation or manuals for KnowBe4 because I can operate the system efficiently without them.

On a scale of 1-10, I rate KnowBe4 an 8.

I worked as an intern where KnowBe4 was used as a third-party vendor in the company.

My responsibilities included assigning security awareness training to employees, running phishing simulation campaigns, monitoring user responses, and reporting on results.

When I started, my main tasks with KnowBe4 were sending simulations and selecting which ones to use. I would also be involved with choosing the training videos and quizzes to send out to users.

KnowBe4 significantly enhanced people's awareness of cybersecurity threats within the company through its simulations that replicated real-world scenarios. The phishing simulations were very realistic and helped test actual reactions. Through these platform simulations, people became more aware of cybersecurity threats and learned how to identify potential threats.

The platform proved effective as we could track responses to repeated simulations, allowing us to measure the effectiveness of previous awareness campaigns.

KnowBe4 improved awareness as employees became more cautious with emails. They developed better habits and would report suspicious emails using the company's reporting option. As months progressed, we observed more people reporting phishing simulations, indicating increased employee awareness within the company.

The most valuable aspect of KnowBe4 was its metrics capabilities. The platform allowed us to see departmental statistics, including click rates and user responses.

The real-time insights and analytics are very detailed, enabling accurate measurement of metrics and effectiveness of phishing simulations. The platform is user-friendly with an intuitive interface, making it an excellent overall solution.

An area for improvement in KnowBe4 is the repetitive content for users completing multiple training sessions. Additionally, some email simulations were blocked by spam filters, requiring IT to whitelist these email simulations.

I worked with KnowBe4 for seven months during my time as a cybersecurity intern last year.

KnowBe4 demonstrated good scalability, particularly in supporting compliance requirements. It was valuable for audit reporting, with metrics downloadable in PDF format. The platform effectively raised awareness and reduced phishing click rates.

My involvement with technical support was limited, so I cannot provide detailed information about KnowBe4's responsiveness or helpfulness.

Neutral

I did not use any previous solutions as KnowBe4 was user-friendly.

As an intern, I was not involved in the implementation team.

The solution proved valuable for audit reporting and successfully raised awareness while reducing phishing click rates.

I was not aware of alternate solutions as this would typically fall under an admin role's responsibilities.

From my experience, KnowBe4 was stable and proves to be a strong tool for organizations building a security awareness culture. It is simple to use and effective, even for companies starting out in phishing and training campaigns. I rate this solution an 8 out of 10.

I am not using KnowBe4 regularly. In February and March, I attended some online courses about cybersecurity and GDPR. It's the major part of cybersecurity-related topics, and my team and I attended the same course at a time.

KnowBe4 has a lot of high-quality content, and their interface is very user-friendly. The engaging simulation is good, and that is the major good part of KnowBe4. They have a good part in their progress tracking system, which I appreciate very much because when I start a course, after some time, I can see my progress, and I can take the next action or next step after seeing my progress.

Their overall experience and my experience is good, and I already mentioned some specific topics, such as their interface, their content quality, and their tracking process. I used this application and appreciate their total solution, which is why I rated it seven.

KnowBe4 has some courses that are very short, below 30 minutes. I would prefer if some content was added for a longer duration where more information would be available, and we could learn deep knowledge about this topic.

I prefer for KnowBe4 to add some new upcoming course content that is longer.

I did not face any noticeable issues with KnowBe4, but I think their content has some repeated material about the same things. Some courses have the same type of content, the same type of page. But not too much, I think some repeated content exists in multiple courses in KnowBe4.

If they make more improvements, such as improving some content, and since most of their content is paid, if they offered some more free content and also removed the repeated content or repeated topics from their list, I might increase my rating from seven to something higher.

I am a customer of KnowBe4; I was a customer.

The initial setup of KnowBe4 is adequate, and there's no need to step forward or backward. The process was very smooth, and I think in general, it's satisfactory.

KnowBe4 was really helpful to develop my skills, and that's why I used this course. I believe my skill has become more fluent and smoother, more developed after attending this type of course.

The pricing is acceptable, but when someone wants to attend this course from a third-world country, the price is high for a third-world country such as mine.

For about two years, I have been working with KnowBe4, as they have been providing a training service to the company I'm working for since August 2022.

I can describe a few use cases for KnowBe4 because they provide training services to the company that I'm working for, and once every month, we have a training module on many technology-related things, from the risks of AI to cybersecurity, to technology best practices, things of that nature.

The impact of KnowBe4's automated training campaigns on the overall cybersecurity posture is quite comprehensive because it covers everything from the very basics of cybersecurity to evolving and emerging threats. I find it to be good and would recommend it for large corporates, but if you're a small company, it might be too large and too cumbersome to have something this exhaustive implemented in your system. It's quite good though, and I would recommend it if you're a large company of approximately 500, 600, or 700 people.

I find KnowBe4 to be stable, as there haven't been any major hiccups.

Overall, I find it easy to scale KnowBe4 up and down.

Before KnowBe4, we had an internal solution for security awareness training. It wasn't a third-party solution but rather something that was developed by our internal teams. I think that KnowBe4 has been an upgrade because they constantly keep updating their training materials, saving us a lot of time that we would have spent constantly updating our materials if we were to do it by ourselves.

From my perspective regarding what can be improved or enhanced in KnowBe4, I would not be able to talk about pricing or areas that are outside my scope of visibility, but just from the quality of the offering itself, I think that it's a pretty good offering. There are no immediate problems, and they take care to consistently ask for feedback and implement it, so there are no major issues outstanding that I can immediately point to.

There are some aspects of KnowBe4 that can be enhanced, specifically in the training feature, as a lot of their training is designed for people who are almost entirely computer illiterate, which is fine because you want to be comprehensive in your cybersecurity training. Most people today have some basic ideas on what passwords are and how to use them. I feel that much of the content they have might not be required, and that might cause frustration, especially when you're trying to implement a cybersecurity program where you're training your entire workforce, as it may frustrate someone if they're forced to do training on how to set a password. However, I think that the more complicated things they do about phishing, AI, and social engineering are very important, and the way they do it is very structured and good.

For about two years, I have been working with KnowBe4, as they have been providing a training service to the company I'm working for since August 2022.

I do not have specific knowledge about the tech support of KnowBe4, but I know that when I have raised issues, they have been dealt with in time. However, I couldn't compare that to what the industry standards are and what other offerings provide in comparison. When I have given feedback on the materials I have engaged with, I found that they were addressed quickly.

Positive

Before KnowBe4, we had an internal solution for security awareness training. It wasn't a third-party solution but rather something that was developed by our internal teams. I think that KnowBe4 has been an upgrade because they constantly keep updating their training materials, saving us a lot of time that we would have spent constantly updating our materials if we were to do it by ourselves.

I personally have not used the simulated phishing attacks feature of KnowBe4. I know that there are some people in the company who use that, but I haven't used that, so I would not be able to comment on that.

While the company does use the PhishER component, I have not used it, so I would not be able to give you too much information on the phishing simulator. I've gone through trainings on the simulator, but I haven't used the simulator itself.

I have mostly been a recipient of the training programs from KnowBe4, so even though the company is using the real-time insights and real-time analytics, I would not be able to comment on this.

Given my experience with KnowBe4, the only advice I would share with users considering its implementation is to consider the scale because it would be a good solution if you're a reasonably large company. A company of 20 people or 100 people might not find it worthwhile, but for a larger company of 300, 400, or 500 people or above that, KnowBe4 would be suitable.

Based on the parts that I've interacted with and given my limited visibility, I rate KnowBe4 an 8.5 or 9 out of 10.

We use KnowBe4 primarily as a security awareness training platform to educate and protect our employees against common cybersecurity threats. While I am not directly working with KnowBe4, my company has been utilizing their training program for the past seven years as part of our broader security posture.

The KnowBe4 training is an integral part of our onboarding process. Every new hire is required to complete the training, which typically takes 15 to 30 minutes. It covers essential topics such as: recognizing phishing emails, identifying suspicious links, and understanding what software is safe to install.

This training is not limited to new hires—we periodically reinforce it with existing employees as part of ongoing awareness efforts.

In addition to the training modules, KnowBe4 also sends simulated phishing emails to our employees as a way to test and reinforce their learning. These simulations are a key component of the program and help us measure the effectiveness of the training. When employees receive an email they are unsure about, they are encouraged to report it to our IT team for verification. This proactive approach has significantly improved our overall security awareness and response behavior.

At this time, our usage of KnowBe4 is focused exclusively on the training and phishing simulation features.

KnowBe4 has significantly improved our organization by increasing overall security awareness among employees. After completing the training, employees are more cautious with emails, links, and software, helping to prevent phishing and other cyber threats. The simulated phishing tests have reinforced good practices, and employees now proactively report suspicious emails to IT, creating a stronger security culture across the company.

One of the most valuable features of KnowBe4 is its simulated phishing email campaigns. This feature effectively tests user behavior in real-world scenarios by sending realistic phishing emails to employees without prior notice. It helps identify how users respond to potential threats and highlights areas where further training may be needed.

These simulations not only measure the effectiveness of the initial training but also serve as continuous reinforcement, keeping employees alert and aware. Over time, this has greatly improved our team’s ability to recognize suspicious emails and act cautiously—whether by avoiding unsafe links or reporting potential phishing attempts to our IT team. This ongoing, practical testing method has been instrumental in building a strong security-conscious culture within our organization

One feature that would be highly beneficial in a future release is the ability to automatically send training articles or security tips to users on a regular, scheduled basis—for example, weekly or monthly. While the current training modules and phishing simulations are highly effective, ongoing awareness is equally important to keep security top of mind in day-to-day operations.

These short, digestible articles or micro-learning content could cover recent phishing trends, real-world examples of security breaches, or quick tips on secure online behavior. Periodic delivery would serve as a continuous learning touchpoint, reinforcing key concepts from the main training and adapting to evolving threats.

Ideally, this feature would also include personalization, allowing content to be tailored based on a user’s role, previous training performance, or common mistakes observed in phishing simulations. This kind of proactive, lightweight training approach could significantly enhance employee engagement with security practices and help maintain a strong security posture over time.

7 years

The solution has been very stable in our experience. Over the years, we've had no major issues with accessibility or performance. Training modules, phishing simulations, and reporting have all functioned reliably, providing a smooth and consistent user experience.

he solution is highly scalable for organizations of all sizes. We've seamlessly used it across multiple teams for several years, and it supports consistent training and testing without requiring heavy manual effort. The platform’s automation and reporting features make it easy to manage even as the organization grows.

I have not experienced any technical support yet regarding KnowBe4. However, I would say this is a great product and I would grade it highly.

Positive

We did not use a different solution for these use cases before KnowBe4.

I don't think there were other products my company considered before choosing KnowBe4.We did not explore any product except KnowBe4.

I am not the right person to answer this question. Our It team can answer this question.

I don't know the answer, actually. I was not part of this discussion initially. 

Our ROI from using KnowBe4 comes in the form of reduced security incidents and increased employee awareness. The platform has helped prevent potential breaches by training employees to identify and report threats, ultimately saving time, resources, and potential financial losses from phishing or other cyberattacks.

I am not the right person to discuss the pricing of KnowBe4 because I'm a senior software engineering manager. My CTO and the IT department or security department normally deal with pricing and other related matters.

Nope, I am not aware of it. Maybe our IT team can answer this question.

This product deserves a rating of 9 out of 10.