IRONSCALES Adds Security Awareness Training

Many people don’t know that IRONSCALES started as a Security Awareness Training company. While working as a security researcher at a technology company, Eyal Benishti (our founder & CEO) had a steady stream of coworkers asking him every day about whether an email they’d received was a phish or if it was safe. Eyal decided to write a piece of software that could help train end users like his coworkers on the basics of spotting phishing attacks. Building on this, he developed new functionality that could detect and remediate phishing attacks. Fast forward nearly a decade and that’s exactly what IRONSCALES is still doing for our customers today–fighting back against phish and training end users with a single, integrated solution.

Why do we remain so passionate about including end-user testing and training capabilities in all our plans? The short answer is that we believe that phishing is a human + machine problem that can only be solved with a human & machine solution. AI/ML can detect around 99% of advanced phishing attacks, but it’s that last 1% of phish that can lead to a breach, ransomware attack, or worse. That’s why we continue to include the human element in our solution and provide our customers with the ability to train end users on how to spot and report suspicious phishing attacks. It is only by combining the power of the machine with the power of the human in a single solution that an organization has a chance to be successful in the fight against phish.

We are excited to announce today that we’re building on our legacy of providing training to our customers by adding expanded training campaign functionality along with a new library of video-based training content–to help our customers better educate their employees on how to spot phishing attacks, improve their overall security knowledge, learn about multiple industry compliance framework requirements and much more. Before we dive into what we’re launching today, it is important to understand the difference between Phishing Simulation Testing (PST) and Security Awareness Training (SAT):

• Phishing Simulation Testing: This is the functionality that we offer all our customers today (and will continue to do so). The customer admin can go into the platform, create a PST campaign, configure the various elements of the campaign (landing page, email to go out, training video selected), define the audience and timing of the campaign, and then launch. The only time an employee would be assigned to watch a video is if they fail the phishing simulation test.
• With Security Awareness Training: Customers will be able to create a campaign, configure it as desired (email text, video selected), define the audience and timing, and hit send. End users will simply receive an email asking them to view the assigned video using the link included in the email.

With this launch, IRONSCALES Complete Protect™ plan customers will gain exclusive access to the following:

• Over one hundred new training videos in nine languages from IRONSCALES' partner Wizer™ Training, an industry leader in security awareness training.
• Security Awareness Training (SAT) campaigns that can be launched in just a few clicks
• SAT campaigns can be sent to specific employees, or smart groups and can be delivered independently, or in conjunction with Phishing Simulation Testing
• Detailed user engagement reporting tools to track all campaign results
• The ability to upload custom training video content to use in campaigns

To learn more about our expanded Complete Protect plan, which also includes anti-phishing protection for both cloud-based email and Microsoft Teams environments, please visit us today at ironscales.com/plans/complete-protect.