PhishingBox Security Ecosystem

Security Awareness Training & Threat Prevention

PhishingBox Security Ecosystem

In the current environment, information security is the responsibility of all organizations. From cybersecurity threats to regulatory requirements, organizations must address information security. Security awareness training is a key component of an information security program. In addition to training, having the ability to test employees' security awareness helps determine if an organization’s security awareness training is working. PhishingBox provides a suite of security tools to implement a security awareness training program including threat protection tools for end users and security staff.

Security Awareness

Security awareness is a continuous process of training, testing, and remediation. With the PhishingBox platform, organizations can implement a comprehensive security awareness training program using the products listed on this page. For more information on implementing a security awareness training program using PhishingBox, click here. For information on program components, review the relevant areas below.

Learning Management System

PhishingBox includes an integrated learning management system (LMS) to deliver training to users. This SCORM-compliant LMS can deliver PhishingBox training courses, courses from our content providers, or internally created content. An organization has the option to use third-party LMS integrations or the PhishingBox API to connect to other systems. Click here for more information on the PhishingBox LMS.

Phishing Simulations

How does an organization know security awareness training is working? Through the phishing simulator, organizations can conduct realistic phishing tests to evaluate the effectiveness of their employees' security awareness. Our phishing simulator is robust and allows for complex testing schedules, a dynamic template library, editing of templates, and more. Click here to learn more about the Phishing Simulator.

PhishingBox's API Application Programming Interface

KillPhish Scan & Report

KillPhish is an email plugin to help users evaluate emails and report suspicious emails to an organization’s security operations. Any reported simulated phishing emails improve an organization’s Net Reporter Score or NRS. The NRS is a primary gauge to monitor an organization’s security awareness posture. The scanning capabilities of KillPhish provide indications to employees of potential threats from suspicious emails. Click here to learn more about KillPhish.

Security Inbox [coming soon]

Security Inbox is a tool used by a security operations center or other technology staff to manage suspicious emails reported by employees. Security Inbox provides capabilities to research threat characteristics of the emails and provide automated responses and replies to employees. Click here to learn more about Security Inbox.

Features Common to All Products

U.S. Based Support

Talk to a real person

Our Customer Success Team and Technical Support are both in-house and included without tiers. We don't outsource or offshore.

Secure Data Center

Confidence in data security

We maintain a robust security and compliance program. Learn more about our security and compliance practices at our Trust Center.

Multi-Client Capabilities

Work with many clients

PhishingBox allows auditors, MSPs, and others the ability to conduct phishing and security awareness training for many clients.

Integrations

Extend the functionality

We integrate with several popular third-party services: LMS, SSO, CRM and HRIS. View a complete list on our integrations page.

Simple to Use

Easy-to-use interfaces

No technical expertise required. Through intuitive menus you will be using the system in no time. View system screenshots here.

No Software to Install

Get up and running quickly

The system is web-based so no special software required. Management of the system is though standard web browsers.

Frequently Asked Questions

Do you offer a free trial to PhishingBox?

Yes. We offer all prospective clients the opportunity to test the system. Please contact us and we will gladly demo the system, answer any questions that you may have and provide you with a trial account.

Does PhishingBox provide security awareness training?

Yes. PhishingBox provides security awareness training. Learn more about our security awareness training material, including training from other third-party content providers.

Is our data secure?

Yes. PhishingBox maintains an information security program that includes external audits. Learn more about our security and compliance at our Trust Center.

Is PhishingBox GDPR compliant?

Yes. As a data processor, PhishingBox maintains compliant system. Learn more about or GDPR compliance practices on the GDPR section of our Trust Center.

Does PhishingBox maintain system outside the U.S.?

Yes. We allow clients to choose the location where their data resides. We have data centers in the U.S. and in the E.U. Learn more about the EU Instance from our Trust Center EU page.

Does PhishingBox have an email plugin tool to report suspicious emails?

Yes. PhishingBox has developed KillPhish plugin for scanning emails and reporting suspicious emails to your organizations IT staff. Learn more about KillPhish at Products and Services KillPhish.

Does PhishingBox integrate with other platforms?

Yes. PhishingBox has standard integrations with several platforms. Click here to learn our integrations. In addition, we have an application programing interface (API) that can be used for custom applications. Click here to learn more about our API.

Will PhishingBox perform security training and testing for us?

Yes, we provide managed phishing service. Learn more about Managed Phishing Services here.

Is PhishingBox easy to setup and use?

Yes. There is no software to install. All users access the system via a standard web browser. Setup and management of the system can be done by any novice security professional. We also provide support for anyone needing help getting the system running. Once you become an official PhishingBox client, we will have your account fully setup within an hour. Your initial account setup, population of target users, LMS integration, and campaign creation will take about 2-3 hours. Moving forward, customizing and sending out additional campaigns takes 10 minutes or less.

Do you provide support after the sale?

Yes, we provide chat, email, and phone support during normal business hours. In addition, we have a well-documented help system. The PhishingBox system is available here.

We are an audit firm, can we perform phishing testing for multiple clients using PhishingBox?

Yes. PhishingBox was designed by auditors to perform phishing testing for multiple clients. Learn more our our multi-client version via our Solution Providers page.

What is the difference between the single and multi-license?

Single Company Licenses are for organizations to conduct phishing simulations (tests) on their internal employees. These accounts typically only have one domain name associated with their phishing campaigns (@company.com), and licenses can either be purchased on a ’Per User’ or ‘Email Allocation’ basis. The ‘Per User’ option allows for unlimited testing throughout the year on all users, while the ‘Email Allocation’ option is restricted to the total number of emails sent out, not the total number of users.

Multi-Client Licenses are for companies that manage services for their clients and resell other company’s software. They generally run tests on behalf of their clients and will have multiple domain names associated with the tests. Multi-Client accounts are only sold as an ‘Email Allocation’ option.

View More FAQs

Additional Resources

PhishingBox Ecosystem

This brochure provides an overview of the PhishingBox security awareness ecosystem.
Download

Business Case

This document outlines controls that should be implemented to prevent or minimize phishing attacks.
Download

Prevention Checklist

This brochure provides an overview of the Phishing Simulator.
Download

PhishingBox Security Ecosystem

Security Awareness Training & Threat Prevention