KnowBe4 vs Sophos Phish Threat comparison

KnowBe4 and Sophos are both solutions in the Security Awareness Training category. KnowBe4 is ranked #1 with an average rating of 9.5, while Sophos is ranked #3 with an average rating of 10.0. KnowBe4 holds a 31.5% mindshare in SAT, compared to Sophos’s 5.2% mindshare. Additionally, 100% of KnowBe4 users are willing to recommend the solution, compared to 100% of Sophos users who would recommend it.

KnowBe4

Read 4 KnowBe4 reviews

1,968 Views
1,449 Comparison Views

100% willing to recommend

Sophos Phish Threat

Read 10 Sophos Phish Threat reviews

357 Views
202 Comparison Views

100% willing to recommend

KnowBe4

Sophos Phish Threat

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between KnowBe4 and Sophos Phish Threat based on real PeerSpot user reviews.

Find out in this report how the two Security Awareness Training solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed KnowBe4 vs. Sophos Phish Threat Report (Updated: October 2024).

Buyer's Guide

KnowBe4 vs. Sophos Phish Threat

October 2024

Download the complete report

Helped 816,562 peers since 2012

Categories and Ranking

KnowBe4

Ranking in Security Awareness Training

1st

Average Rating

9.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Sophos Phish Threat

Ranking in Security Awareness Training

3rd

Average Rating

8.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Security Awareness Training category, the mindshare of KnowBe4 is 31.5%, down from 37.4% compared to the previous year. The mindshare of Sophos Phish Threat is 5.2%, up from 4.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Awareness Training

Featured Reviews

Brad Mathis

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Lowers human element risks and has innovative training

Some more AI-driven automation for creating training and phishing testing campaigns, as well as automated reporting would help. The Phish Alert button could be improved, although it is understood this is due to Microsoft's constant changes. Any improvements in wizards and documentation are always a good thing!. Additonal areas for improvement could be around the technical training and best practice training areas such as NIST CSF, CISv8, Cyberinsurance, and more. Clearer whitelisting requirements are always appreciated. However, the current levels are significant and appreciated.

Read full review

Carlos Roberto Da Silva

Pre-Sales Director at 4 ITS

Significantly reduced phishing attacks in my customers' environments by training their users

Sophos should offer tests where we can emulate new attacks happening now. For example, people use traveling companies, so we could simulate a new test based on that. Sophos could update tests because we have tests for old attacks. We need new emails with new attacks, something that's happening now. Phish Threat has a lot of features that need to be improved, such as reporting. This is not just with EDR but with Sophos Central as well. For example, if we wanted to find the top ten machines that had been attacked the most last month, we could identify what the problem could be, whether it's the user or something happening with the machine. The report could say, "Last month, 20 machines were affected," maybe thanks to a virus or malware.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"There are many valuable features. It's already deployed in the cloud, and you don't have to install anything. You just upload your users to the cloud and tweak something if needed. You can whitelist some servers to work with this properly. When everything is ready, you can start using the platform and its many automated features."

"Their customizable nature allows us to create scenarios that closely resemble real-world phishing attempts, making them highly relatable to our end users."

"The main thing is the overall report card. We get to tell the percentages of users who click on links and who don't click on links. We also get an overall score or risk score from them, which also helps us."

"KnowBe4's formulas for risk reduction simply work. Being a technical company, our initial phish-prone percentage wasn't super high, but it was still around 18%. Since we have been requiring ongoing training and simulated phish testing, our average phish-prone percentage hovers in the 0 to 3% range now."

"It is easy to use."

"I have found the implementation process to be simple and straightforward."

"The most valuable features of Sophos Phish Threat are internal web filtering and security."

"It is very simple to install and you can do it by yourself."

"The solution is easy to integrate because it is on the cloud. We have been able to limit users to only accessing the Sophos platform by modifying the firewall and Sophos platform settings. The dashboard gives us detailed reports allowing us to be able to manage better."

"The scalability is very good."

"I find the solution's reports very valuable."

"The installation is straightforward. You only need to upload the user's email address to the cloud and you can start using it."

More Sophos Phish Threat pros

Cons

"It can be more interactive with users. We want to put the users in different scenarios and let them make decisions. For example, instead of making users go through a video and then asking questions, it can have a video where they click on the scenarios and have to make decisions. It can maybe have something like a live simulation. It would be nice for users."

"It could be more localized for Ukrainian users. This platform is international, and it has a lot of material in different languages, but not in Ukrainian and Russian languages. There's plenty of different content updated regularly for English, French, and German users. They have a lot more information, and Ukrainian users also want more."

"Enhancing the product's emotional intelligence, particularly by providing training content tailored to specific audiences, is an area for improvement."

"The pricing of Sophos Phish threat can be improved."

"The product's price is an area of concern, and it can be improved if Sophos reduces the prices by seven to nine percent, considering the current market price at which the product is offered."

"The security of the solution could improve."

"Sophos Phish Threat can improve by adding other languages, such as Mandarin or Cantonese to their online trainer video center, it would be helpful."

"The solution could be much more secure."

"Sophos should offer tests where we can emulate new attacks happening now."

"I would like to see more manager-level training that teaches what needs to be done after a phishing email attack is found."

"The security could be simplified within the product."

More Sophos Phish Threat cons

Pricing and Cost Advice

"I rate the product pricing as four out of ten."

"I don't know the cost, but I believe we are paying yearly. We did like a three-year or five-year contract. I am not aware of any extra costs in addition to a standard licensing fee."

"Licensing is paid on a yearly basis. You can go to the official site to check their approximate pricing. It's based on the number of users or staff. It can vary from country to country, but for Ukraine, it works as it's stated on the site."

"The pricing is very good, and some of my customers who have used other vendors say that Sophos is priced well within the market."

"There is a license required for this solution and the cost depends on the number of users."

"Licensing fees are paid annually."

"There are monthly and annual subscriptions available to use Sophos Phish Threat. The price is reasonable."

"The license for the product comes with the firewall offered by Sophos, so a user need not buy it separately."

See which vendors are best for you

Use our free recommendation engine to learn which Security Awareness Training solutions are best for your needs.

See recommendations

816,562 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

Insurance Company

Educational Organization

Computer Software Company

24%

Financial Services Firm

13%

Real Estate/Law Firm

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about KnowBe4?

Their customizable nature allows us to create scenarios that closely resemble real-world phishing attempts, making them highly relatable to our end users.

See all answers

What is your experience regarding pricing and costs for KnowBe4?

My advice would be to find a trusted partner and work with them. The pricing model is simple. If you have the technical staff and bandwidth, you may implement it yourself. However, if you want to g...

See all answers

What needs improvement with KnowBe4?

See all answers

What do you like most about Sophos Phish Threat?

I find the solution's reports very valuable.

See all answers

What needs improvement with Sophos Phish Threat?

I cannot suggest which areas in the solution need improvement since Sophos has a research and development team that updates Sophos Phish Threat, and users mostly get the upgraded firewall online. T...

See all answers

What is your primary use case for Sophos Phish Threat?

The major use cases attached to the solution stem from the fact that my company caters to the needs of a lot of customers who use the solution and haven't faced any problems with it or any malware,...

See all answers

Comparisons

Terranova Security vs KnowBe4

Compared 22% of the time

Arctic Wolf Managed Security Awareness vs KnowBe4

Compared 15% of the time

Proofpoint Email Protection vs KnowBe4

Compared 12% of the time

Kaspersky Security Awareness vs KnowBe4

Compared 9% of the time

Barracuda PhishLine vs KnowBe4

Compared 7% of the time

More KnowBe4 Competitors

No data available

Product Reports

Buyer's Guide

KnowBe4

November 2024

Download KnowBe4 product report

Buyer's Guide

Security Awareness Training

October 2024

Download Sophos Phish Threat product report

Also Known As

No data available

Phish Threat

Learn More

KnowBe4

Sophos

Overview

Old school Security Awareness Training is static. It’s a one-time event without follow-up. KnowBe4's Kevin Mitnick Security Awareness Training starts with a baseline test to show the actual Phish-prone percentage of your users. Then it steps users through effective, interactive, on-demand browser-based training. As step three, you send frequent simulated phishing attacks to your employees to reinforce the training. This last feature, frequent simulated phishing attacks (we recommend at the very least once a month) really creates a change in behavior.

Sophos Phish Threat emulates a range of phishing attack types to help you identify areas of weakness in your organization’s security posture, and empower users through engaging training to strengthen your organizations defenses.

Sample Customers

West Aurora Public School District 129

Information Not Available

Buyer's Guide

KnowBe4 vs. Sophos Phish Threat

October 2024

Free Report: KnowBe4 vs. Sophos Phish Threat

Find out what your peers are saying about KnowBe4 vs. Sophos Phish Threat and other solutions. Updated: October 2024.

DOWNLOAD NOW

816,562 professionals have used our research since 2012.

See our KnowBe4 vs. Sophos Phish Threat report.

See our list of best Security Awareness Training vendors.

We monitor all Security Awareness Training reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.