Try our new research platform with insights from 80,000+ expert users

KnowBe4 vs Sophos Phish Threat comparison

KnowBe4 and Sophos are both solutions in the Security Awareness Training category. KnowBe4 is ranked #1 with an average rating of 9.5, while Sophos is ranked #3 with an average rating of 9.3. KnowBe4 holds a 29.2% mindshare in SAT, compared to Sophos’s 5.1% mindshare. Additionally, 100% of KnowBe4 users are willing to recommend the solution, compared to 100% of Sophos users who would recommend it.
KnowBe4
Read 5 KnowBe4 reviews
  • 1,655 Views
  • 1,243 Comparison Views
100% willing to recommend
Sophos Phish Threat
Read 12 Sophos Phish Threat reviews
  • 332 Views
  • 197 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Feb 2, 2025

KnowBe4 and Sophos Phish Threat are competing products in the security awareness training and phishing simulation space. KnowBe4 has the upper hand in pricing and customer service, while Sophos Phish Threat is praised for its comprehensive features, making it a worthy contender.

Features: KnowBe4 provides an extensive library of training content, customizable phishing templates, and a user-friendly approach, enhancing flexibility and effectiveness. Sophos Phish Threat offers sophisticated reporting, behavioral analysis tools, and detailed phishing readiness insights.

Room for Improvement: KnowBe4 could improve its analytical tools, advanced reporting capabilities, and scalability for large enterprises. Sophos Phish Threat might benefit from easier deployment procedures, more intuitive usability for non-technical users, and enhanced integration options with other security systems.

Ease of Deployment and Customer Service: KnowBe4 is recognized for its straightforward implementation process and responsive customer service, favoring quick deployment. Sophos Phish Threat, though slightly more complex to deploy, is valued for its robust support system and comprehensive documentation.

Pricing and ROI: KnowBe4 is viewed as cost-effective, offering clear ROI through structured pricing plans. Sophos Phish Threat, despite higher initial setup costs, provides significant ROI due to its advanced features. KnowBe4 offers a balance of cost and value, while Sophos Phish Threat justifies its pricing through rich features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed KnowBe4 vs. Sophos Phish Threat Report (Updated: January 2025).
Buyer's Guide
KnowBe4 vs. Sophos Phish Threat
January 2025
Download the complete report
Helped 838,737 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

KnowBe4
Ranking in Security Awareness Training
1st
Average Rating
9.4
Reviews Sentiment
8.1
Number of Reviews
5
Ranking in other categories
No ranking in other categories
Sophos Phish Threat
Ranking in Security Awareness Training
3rd
Average Rating
8.8
Reviews Sentiment
7.4
Number of Reviews
12
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of February 2025, in the Security Awareness Training category, the mindshare of KnowBe4 is 29.2%, down from 35.8% compared to the previous year. The mindshare of Sophos Phish Threat is 5.1%, up from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Awareness Training
 

Featured Reviews

Brad Mathis - PeerSpot reviewer
Lowers human element risks and has innovative training
Some more AI-driven automation for creating training and phishing testing campaigns, as well as automated reporting would help. The Phish Alert button could be improved, although it is understood this is due to Microsoft's constant changes. Any improvements in wizards and documentation are always a good thing!. Additonal areas for improvement could be around the technical training and best practice training areas such as NIST CSF, CISv8, Cyberinsurance, and more. Clearer whitelisting requirements are always appreciated. However, the current levels are significant and appreciated.
Read full review
Shaun Gordon - PeerSpot reviewer
Identifies vulnerable employees through customized simulations
Sophos Phish Threat effectively identifies susceptible employees. It depends on knowing my staff. For example, if I receive an email claiming my Facebook account is compromised, I immediately recognize it as suspicious, as I don't have Facebook. If I know my staff use LinkedIn, I utilize the LinkedIn simulation. Similarly, if they bank with Absa, I use the Absa simulation. There isn't a single 'one size fits all' approach. Sophos Phish Threat ensures users do not click on dodgy emails or dodgy links within an environment.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The main thing is the overall report card. We get to tell the percentages of users who click on links and who don't click on links. We also get an overall score or risk score from them, which also helps us."
"The ability to have business leadership be aware of their users' security posture as well as any kind of security awareness training being pushed by cybersecurity insurance and underwriters is valuable."
"There are many valuable features. It's already deployed in the cloud, and you don't have to install anything. You just upload your users to the cloud and tweak something if needed. You can whitelist some servers to work with this properly. When everything is ready, you can start using the platform and its many automated features."
"Their customizable nature allows us to create scenarios that closely resemble real-world phishing attempts, making them highly relatable to our end users."
"KnowBe4's formulas for risk reduction simply work. Being a technical company, our initial phish-prone percentage wasn't super high, but it was still around 18%. Since we have been requiring ongoing training and simulated phish testing, our average phish-prone percentage hovers in the 0 to 3% range now."
"The solution is very well priced and very affordable."
"It is simple to push tests out to a group of users."
"It is very simple to install and you can do it by yourself."
"I find the solution's reports very valuable."
"Sophos Phish Threat is valuable as it is easy to use and effectively educates end users on the threats they may face and how to identify them."
"Sophos Phish Threat effectively identifies susceptible employees."
"The solution is easy to integrate because it is on the cloud. We have been able to limit users to only accessing the Sophos platform by modifying the firewall and Sophos platform settings. The dashboard gives us detailed reports allowing us to be able to manage better."
"I have found the implementation process to be simple and straightforward."
"The most valuable features of Sophos Phish Threat are internal web filtering and security."
More Sophos Phish Threat pros
 

Cons

"It could be more localized for Ukrainian users. This platform is international, and it has a lot of material in different languages, but not in Ukrainian and Russian languages. There's plenty of different content updated regularly for English, French, and German users. They have a lot more information, and Ukrainian users also want more."
"It can be more interactive with users. We want to put the users in different scenarios and let them make decisions. For example, instead of making users go through a video and then asking questions, it can have a video where they click on the scenarios and have to make decisions. It can maybe have something like a live simulation. It would be nice for users."
"I would like to see Novo4 expand to other channels outside of emails to things such as text messages."
"Enhancing the product's emotional intelligence, particularly by providing training content tailored to specific audiences, is an area for improvement."
"The solution could be much more secure."
"Integration with other products could be improved."
"Sophos Phish Threat can improve by adding other languages, such as Mandarin or Cantonese to their online trainer video center, it would be helpful."
"The pricing of Sophos Phish threat can be improved."
"The security of the solution could improve."
"The product's price is an area of concern, and it can be improved if Sophos reduces the prices by seven to nine percent, considering the current market price at which the product is offered."
"There is a need for improvement regarding false negatives dealing with Office 365."
"It would be great if the price was reduced."
More Sophos Phish Threat cons
 

Pricing and Cost Advice

"I don't know the cost, but I believe we are paying yearly. We did like a three-year or five-year contract. I am not aware of any extra costs in addition to a standard licensing fee."
"It's about five dollars a seat per month."
"I rate the product pricing as four out of ten."
"Licensing is paid on a yearly basis. You can go to the official site to check their approximate pricing. It's based on the number of users or staff. It can vary from country to country, but for Ukraine, it works as it's stated on the site."
"The license for the product comes with the firewall offered by Sophos, so a user need not buy it separately."
"Licensing fees are paid annually."
"There is a license required for this solution and the cost depends on the number of users."
"There are monthly and annual subscriptions available to use Sophos Phish Threat. The price is reasonable."
"The pricing is very good, and some of my customers who have used other vendors say that Sophos is priced well within the market."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Awareness Training solutions are best for your needs.
See recommendations
838,737 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
8%
Educational Organization
7%
Healthcare Company
6%
Computer Software Company
23%
Financial Services Firm
13%
Real Estate/Law Firm
10%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about KnowBe4?
Their customizable nature allows us to create scenarios that closely resemble real-world phishing attempts, making them highly relatable to our end users.
See all answers
What is your experience regarding pricing and costs for KnowBe4?
The solution is very well priced and very affordable. It's about five dollars a seat per month.
See all answers
What needs improvement with KnowBe4?
I would like to see Novo4 expand to other channels outside of emails to things such as text messages.
See all answers
What do you like most about Sophos Phish Threat?
I find the solution's reports very valuable.
See all answers
What needs improvement with Sophos Phish Threat?
There is a need for improvement regarding false negatives dealing with Office 365. The issue stems from policies in Office 365 that prevent scanning certain elements, which might trigger errors. I ...
See all answers
What is your primary use case for Sophos Phish Threat?
I use Sophos Phish Threat to test employee security awareness. Essentially, my clients utilize Phish Threat to ensure that users are not clicking on suspicious emails or links. It is a simulated ca...
See all answers
 

Comparisons

Terranova Security vs KnowBe4 Logo
Terranova Security vs KnowBe4
Compared 16% of the time
Arctic Wolf Managed Security Awareness vs KnowBe4 Logo
Arctic Wolf Managed Security Awareness vs KnowBe4
Compared 15% of the time
Proofpoint Email Protection vs KnowBe4 Logo
Proofpoint Email Protection vs KnowBe4
Compared 13% of the time
Kaspersky Security Awareness vs KnowBe4 Logo
Kaspersky Security Awareness vs KnowBe4
Compared 9% of the time
CybeReady vs KnowBe4 Logo
CybeReady vs KnowBe4
Compared 6% of the time
More KnowBe4 Competitors
No data available
 

Product Reports

Buyer's Guide
KnowBe4
February 2025
KnowBe4 reportDownload KnowBe4 product report
Buyer's Guide
Sophos Phish Threat
February 2025
Sophos Phish Threat reportDownload Sophos Phish Threat product report
 

Also Known As

No data available
Phish Threat
 

Overview

Old school Security Awareness Training is static. It’s a one-time event without follow-up. KnowBe4's Kevin Mitnick Security Awareness Training starts with a baseline test to show the actual Phish-prone percentage of your users. Then it steps users through effective, interactive, on-demand browser-based training. As step three, you send frequent simulated phishing attacks to your employees to reinforce the training. This last feature, frequent simulated phishing attacks (we recommend at the very least once a month) really creates a change in behavior.

KnowBe4

Sophos Phish Threat emulates a range of phishing attack types to help you identify areas of weakness in your organization’s security posture, and empower users through engaging training to strengthen your organizations defenses.

Sophos
 

Sample Customers

West Aurora Public School District 129
Information Not Available
Buyer's Guide
KnowBe4 vs. Sophos Phish Threat
January 2025
Free Report: KnowBe4 vs. Sophos Phish Threat
Find out what your peers are saying about KnowBe4 vs. Sophos Phish Threat and other solutions. Updated: January 2025.
DOWNLOAD NOW
838,737 professionals have used our research since 2012.
See our KnowBe4 vs. Sophos Phish Threat report.
See our list of best Security Awareness Training vendors.

We monitor all Security Awareness Training reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.