In the current environment, information security is the responsibility of all organizations. From cybersecurity threats to regulatory requirements, organizations must address information security. Security awareness training is a key component of an information security program. In addition to training, having the ability to test employees' security awareness helps determine if an organization’s security awareness training is working. PhishingBox provides a suite of security tools to implement a security awareness training program including threat protection tools for end users and security staff.
Security awareness is a continuous process of training, testing, and remediation. With the PhishingBox platform, organizations can implement a comprehensive security awareness training program using the products listed on this page. For more information on implementing a security awareness training program using PhishingBox, click here. For information on program components, review the relevant areas below.
PhishingBox includes an integrated learning management system (LMS) to deliver training to users. This SCORM-compliant LMS can deliver PhishingBox training courses, courses from our content providers, or internally created content. An organization has the option to use third-party LMS integrations or the PhishingBox API to connect to other systems. Click here for more information on the PhishingBox LMS.
How does an organization know security awareness training is working? Through the phishing simulator, organizations can conduct realistic phishing tests to evaluate the effectiveness of their employees' security awareness. Our phishing simulator is robust and allows for complex testing schedules, a dynamic template library, editing of templates, and more. Click here to learn more about the Phishing Simulator.
KillPhish is an email plugin to help users evaluate emails and report suspicious emails to an organization’s security operations. Any reported simulated phishing emails improve an organization’s Net Reporter Score or NRS. The NRS is a primary gauge to monitor an organization’s security awareness posture. The scanning capabilities of KillPhish provide indications to employees of potential threats from suspicious emails. Click here to learn more about KillPhish.
Security Inbox is a tool used by a security operations center or other technology staff to manage suspicious emails reported by employees. Security Inbox provides capabilities to research threat characteristics of the emails and provide automated responses and replies to employees. Click here to learn more about Security Inbox.
Our Customer Success Team and Technical Support are both in-house and included without tiers. We don't outsource or offshore.
We maintain a robust security and compliance program. Learn more about our security and compliance practices at our Trust Center.
PhishingBox allows auditors, MSPs, and others the ability to conduct phishing and security awareness training for many clients.
We integrate with several popular third-party services: LMS, SSO, CRM and HRIS. View a complete list on our integrations page.
No technical expertise required. Through intuitive menus you will be using the system in no time. View system screenshots here.
The system is web-based so no special software required. Management of the system is though standard web browsers.
Yes. We offer all prospective clients the opportunity to test the system. Please contact us and we will gladly demo the system, answer any questions that you may have and provide you with a trial account.
Yes. PhishingBox provides security awareness training. Learn more about our security awareness training material, including training from other third-party content providers.
Yes. PhishingBox maintains an information security program that includes external audits. Learn more about our security and compliance at our Trust Center.
Yes. As a data processor, PhishingBox maintains compliant system. Learn more about or GDPR compliance practices on the GDPR section of our Trust Center.
Yes. We allow clients to choose the location where their data resides. We have data centers in the U.S. and in the E.U. Learn more about the EU Instance from our Trust Center EU page.
Yes. PhishingBox has developed KillPhish plugin for scanning emails and reporting suspicious emails to your organizations IT staff. Learn more about KillPhish at Products and Services KillPhish.
Yes. PhishingBox has standard integrations with several platforms. Click here to learn our integrations. In addition, we have an application programing interface (API) that can be used for custom applications. Click here to learn more about our API.
Yes, we provide managed phishing service. Learn more about Managed Phishing Services here.
Yes. There is no software to install. All users access the system via a standard web browser. Setup and management of the system can be done by any novice security professional. We also provide support for anyone needing help getting the system running. Once you become an official PhishingBox client, we will have your account fully setup within an hour. Your initial account setup, population of target users, LMS integration, and campaign creation will take about 2-3 hours. Moving forward, customizing and sending out additional campaigns takes 10 minutes or less.
Yes, we provide chat, email, and phone support during normal business hours. In addition, we have a well-documented help system. The PhishingBox system is available here.
Yes. PhishingBox was designed by auditors to perform phishing testing for multiple clients. Learn more our our multi-client version via our Solution Providers page.
This brochure provides an overview of the PhishingBox security awareness ecosystem.
Download
This document outlines controls that should be implemented to prevent or minimize phishing attacks.
Download
This brochure provides an overview of the Phishing Simulator.
Download