KnowBe4 Security Awareness Training
KnowBe4, Inc.
External reviews
External reviews are not included in the AWS star rating for the product.
Seems to be a decent option in a space without amazing options
User-friendly interface and high-quality content need extended course duration and more free resources
What is our primary use case?
I am not using KnowBe4 regularly. In February and March, I attended some online courses about cybersecurity and GDPR. It's the major part of cybersecurity-related topics, and my team and I attended the same course at a time.
What is most valuable?
KnowBe4 has a lot of high-quality content, and their interface is very user-friendly. The engaging simulation is good, and that is the major good part of KnowBe4. They have a good part in their progress tracking system, which I appreciate very much because when I start a course, after some time, I can see my progress, and I can take the next action or next step after seeing my progress.
Their overall experience and my experience is good, and I already mentioned some specific topics, such as their interface, their content quality, and their tracking process. I used this application and appreciate their total solution, which is why I rated it seven.
What needs improvement?
KnowBe4 has some courses that are very short, below 30 minutes. I would prefer if some content was added for a longer duration where more information would be available, and we could learn deep knowledge about this topic.
I prefer for KnowBe4 to add some new upcoming course content that is longer.
I did not face any noticeable issues with KnowBe4, but I think their content has some repeated material about the same things. Some courses have the same type of content, the same type of page. But not too much; I think some repeated content exists in multiple courses in KnowBe4.
If they make more improvements, such as improving some content, and since most of their content is paid, if they offered some more free content and also removed the repeated content or repeated topics from their list, I might increase my rating from seven to something higher.
For how long have I used the solution?
I am a customer of KnowBe4; I was a customer.
How was the initial setup?
The initial setup of KnowBe4 is adequate, and there's no need to step forward or backward. The process was very smooth, and I think in general, it's satisfactory.
What was our ROI?
KnowBe4 was really helpful to develop my skills, and that's why I used this course. I believe my skill has become more fluent and smoother, more developed after attending this type of course.
What's my experience with pricing, setup cost, and licensing?
The pricing is acceptable, but when someone wants to attend this course from a third-world country, the price is high for a third-world country such as mine.
Improved cybersecurity awareness and seamless integration boost organizational security, though further detailed insights could enhance effectiveness
What is our primary use case?
We use KnowBe4 for phishing attempts, and we try to educate our employees on how the phishing attacks will be simulated since KnowBe4 is quite good at simulating them, whereby you create a dummy email with multiple templates on how to enhance or target the users. The simulations are quite surreal, whereby users may confuse them, which makes them more aware of phishing attacks. We also use KnowBe4 to teach people how cybersecurity works and show them videos and materials.
The methodology that KnowBe4 employs allows us to have it architect an email; for instance, I could be your manager requesting your payslip or bank details, and although it would appear legitimate, the email address might differ. Users must take note of the email address, the crafting of the email, and the details requested. If they fail, they must resit the exam, which is one of the biggest features of KnowBe4 that helps tighten social networking within our company. It is a very good application for high-level companies.
We use KnowBe4's PhishER component.
What is most valuable?
KnowBe4 has been quite useful for us as a mid-size company, providing a lot of information. We ask our employees to take tests and certificates to keep them updated in cybersecurity knowledge and ISO 27001. We also recommend users to share new findings on LinkedIn and post through KnowBe4 since it provides certificates upon course completion, which is very useful for us.
PhishER has been quite helpful for us as it allows us to report spam emails we receive in our domain. We can block multiple domains simultaneously, even those that may present difficulties, and create rules for specific domains or emails to help us block or automatically flag critical vulnerabilities, making KnowBe4 different compared to others.
The automated training campaigns of KnowBe4 are quite helpful since if users fail to complete their certificates or exams, managers are notified every few months once the expiration date has passed for each team member. This encourages team members to finish their certifications and also provides feedback.
What needs improvement?
In terms of improvement, we would appreciate having the attachments or more details on the raw messages used in the PhishER site, as sometimes it can be a bit buggy.
For how long have I used the solution?
I have been working with KnowBe4 for almost three years.
What do I think about the stability of the solution?
We have not experienced any performance or reliability issues with KnowBe4.
What do I think about the scalability of the solution?
KnowBe4 is very much scalable.
How are customer service and support?
We have escalated questions to KnowBe4's technical support, and it has been quite helpful in guiding us, especially when we request feature edits or face buggy issues. They tend to have response times close to 24 hours, if I am not mistaken.
They tend to explain issues very quickly, and their response is rapid. We do not experience extended waiting times, even though I work in a different region from the support team.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I don't think we evaluated any other solutions before choosing KnowBe4; it has always been KnowBe4 due to the extensive functionalities and features it provides. If we had taken another application, we would have had to buy multiple software packages, whereas KnowBe4 compiles everything into one convenient solution.
What was our ROI?
I don't think we have seen measurable benefits from KnowBe4 regarding time, resource, or cost savings.
What other advice do I have?
If you are considering KnowBe4, it may be a bit high on the pricing side, but it would be very helpful for large companies, as it offers many modules and robust reporting to understand daily threat levels for spam and social engineering. It is a very helpful application. They also produce a lot of relevant learning materials that keep users engaged and informed, which is essential.
We are currently working on Rapid7, but I can't disclose too many details.
On a scale of 1-10, I rate KnowBe4 a seven out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Effective cybersecurity awareness increases with training, but needs enhanced developer focus
What is our primary use case?
KnowBe4 has been prominent in South Africa since 2016. I used it at Easy Pay, SARS (our tax authority in South Africa), and now at Capitec.
I have moved on from creating and simulating phishing emails since 2017. At the bank, we look after the infrastructure, licensing, and features. The junior compliance team helps set up simulations to catch people through Teams messages or links.
We must make the phishing emails better with the AI models that can be added through an extra license. The content must be very realistic so people can see the actual aftermath.
What is most valuable?
The scalability, integration, robustness of reporting and analytics, and user-friendly interface are valuable features.
KnowBe4 has improved significantly since we first acquired it at Easy Pay when I worked with a third-party vendor in India for setup. In my first simulation, I designed a menu for a year-end function, and half of the company clicked on it, requiring subsequent training.
Humans remain the weakest link. The analytics help us identify people who clicked, determine their training needs, and track progress. My personal statistics show I failed five out of 39 tests and reported 17, with a personal risk score of 47.4 and eight badges.
KnowBe4's AI integration has enhanced email authenticity. The model adapts to sending patterns. Recently, I was caught when I received what appeared to be an HR reply while waiting for a response. After returning from leave, I clicked on what turned out to be a phishing link.
The days of obvious scams are gone. Modern phishing emails appear authentic, as if from friends. This enables full-blown ATP operations using AI to generate convincing phishing emails, making it crucial to focus on AI-based detection against AI-generated threats.
What needs improvement?
As an architect who designs security solutions at Capitec, Africa's largest bank with 25-27 million clients, we must ensure good cybersecurity awareness for users.
There are gaps in overall security coverage. I rate KnowBe4 a 7 because improvements could be made beyond entry points and foothold perspectives. For instance, considering SQL injection vulnerabilities, more content should be provided for developers.
Adding a section specifically for developers would be beneficial, targeting that market as effectively as the organization-wide phishing email training. Organizations that have used KnowBe4 for years are developing good security habits.
KnowBe4 could educate people about OWASP Top 10 in web security testing and API security. Since OWASP Top 10 is open source, teaching these principles to keep organizations secure beyond Exchange server protection would be valuable.
For how long have I used the solution?
KnowBe4 has had a significant presence in South Africa since 2016. I have used it at multiple organizations including Easy Pay, SARS (South African tax authority), and currently at Capitec.
What was my experience with deployment of the solution?
I use the on-premises version. The system experienced downtime during a patch or upgrade. The compliance team reported issues with creating simulations and pushing out training.
What do I think about the stability of the solution?
During the last downtime, it caused significant disruption as users couldn't access the system. Warren escalated this to a support ticket with KnowBe4. A representative from KnowBe4 South Africa, who is active on LinkedIn, previously gave a presentation at Capitec.
Which solution did I use previously and why did I switch?
I previously used OpenPhish, setting it up with Hive when building the open source SOC for SARS. This included ELK stack, Hive, MSP, and OpenPhish for creating phishing emails and fake domains.
At SARS, I attempted to implement KnowBe4 for three years. During RFQ processes for licensing, the pricing was considered too expensive under government procurement rules, though I disagreed with compromising on security.
How was the initial setup?
The setup process is straightforward. When implementing at SARS, we had assistance from a vendor, possibly Dimension Data. The basic setup involves server creation and software installation following documentation. My current role includes upgrading versions, .NET, and patching the Microsoft server as it's treated as a member server within Active Directory.
What about the implementation team?
The implementation at SARS was completed with assistance from a vendor, believed to be Dimension Data. KnowBe4 vendors in South Africa participated in the setup process.
What's my experience with pricing, setup cost, and licensing?
The solution was considered expensive, particularly in government contexts. However, security shouldn't be compromised as monetary considerations become secondary when security incidents occur.
What other advice do I have?
The system supports single sign-on integration. It's accessible through an internal internet where all applications are published. Users can access KnowBe4 through the apps portal using either username/password or single sign-on authentication.
The solution rating is 7 out of 10.
We maintain realistic training scenarios. Junior staff members create phishing emails with support available when needed. During system downtime, it significantly impacts operations, requiring escalation to KnowBe4 support.