Cofense PhishMe vs. Proofpoint Security Awareness Training

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cofense PhishMe
Score 9.6 out of 10
Enterprise companies (1,001+ employees)
Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.N/A
Proofpoint Security Awareness Training
Score 10.0 out of 10
N/A
Proofpoint Security Awareness Training (formerly ThreatSim from Wombat Security) is a cloud-based training platform that simulates threat scenarios (e.g. phishing) and also provides assessment testing developed by Wombat Technologies, which was acquired by Proofpoint in March 2018.N/A
Pricing
Cofense PhishMeProofpoint Security Awareness Training
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense PhishMeProofpoint Security Awareness Training
Free Trial
YesYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
Cofense PhishMeProofpoint Security Awareness Training
Considered Both Products
Cofense PhishMe
Chose Cofense PhishMe
PhishMe is a market leader in terms of phishing simulation solutions. The customization appears unmatched when compared with competitors and the support we have experienced from Cofense has been excellent. Phish me offers lots of realistic templates which are updated regularly …
Chose Cofense PhishMe
Cofense phishing simulation product is one of the best security awareness solutions that our security team has tested. The product is feature-rich and easy to navigate. Awareness templates are numerous to select from and in multiple languages, which is a big plus. Campaign …
Chose Cofense PhishMe
Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios …
Chose Cofense PhishMe
Cofense PhishMe has a more robust offering and better pricing structure. We used Wombat prior to them being acquired by Proofpoint.
Chose Cofense PhishMe
Cofense PhishMe is price competitive and provides lots of value. We are also utilizing Cofense's other products such as Triage, Vision, and Report PhishMe. We are seeing lots of value from these products and hopefully, your company will see some value also. Support also is …
Chose Cofense PhishMe
I have not used similar kinds of products previously. So this is hard for me to compare anyone here. But as long as I used PhishMe I loved it. The ease of use, the neat designs, and distinct tabs help reduce the clutter. The learning curve to get comfortable with the tool is …
Chose Cofense PhishMe
Cofense provides more templates. We couple the reporter service with the Triage product & managed triage service.
Cofense's support is better and more engaged. We utilized Wombat before acquisition.
Chose Cofense PhishMe
Cofense is more comprehensive in its offerings given that the field of email security and email-related staff awareness is their focus area, while for Cymulate, it is only a component of testing and nothing else. Hence, it was quite beneficial to use Cofense in that regard.
Chose Cofense PhishMe
Cofense was selected as a vendor before I was in this role. Another vendor was evaluated for additional security awareness training but not to replace the Cofense PhishMe program. We also looked at Ninjio to supplement our phishing education program.
Chose Cofense PhishMe
We chose PhishMe due to its ease of use and integration. The many different scenarios available and the price point were the main selling points vs the competitors.
Chose Cofense PhishMe
For reporter, we've used GoSecure IDR. KnowBe4 is probably the biggest paid competitor I've seen and tried a demo.

For opensource, things like GoPhish or the Social Engineering Toolkit within Kali Linux aren't bad. Both require more effort, so you either pay Cofense for ease of …
Chose Cofense PhishMe
We haven't used another provider. However, we used our internal phishing simulation solution prior to contracting Cofense. The internal solution gives you more flexibility (you can send emails to any domain and can impersonate any company) but you'd be missing the Reporter …
Chose Cofense PhishMe
Our previously used product was SANS ACLP. This wasn't an altogether horrible product and for the time we used it the purpose for its use was served. We had multiple issues though with how this product delivered emails, captured clicks, and generated reporting once the …
Chose Cofense PhishMe
PhishMe had similar features and was less expensive.
Chose Cofense PhishMe
We closely looked at KnowBe4's platform as well when it came time to renew. We chose to continue with Cofense because we already had over a year's worth of data in the platform that we would lose by switching vendors.
Chose Cofense PhishMe
I have not used any other products that do the same thing as PhishMe. I was not the decision maker in deploying PhishMe so I can not comment as to why we chose it or any other similar competitors in the field. PhishMe works well for what we use it for.
Chose Cofense PhishMe
Cofense PhishMe is a very usable and customizable suite and compared to a previous product, it's hard to go back. After using [Cofense] PhishMe, I don't want to look for another product since the features are rich and the usability is relatively straightforward. Information and …
Proofpoint Security Awareness Training
Chose Proofpoint Security Awareness Training
Due to Proofpoint large experience on phishing/e-mail protection market. This analysis ran through financial decisions, but the product capabilities were a important aspect to the decision makers.
Chose Proofpoint Security Awareness Training
We chose Proofpoint Security Awareness Training because we already use their email gateway. The combination of these two are very powerful!
Chose Proofpoint Security Awareness Training
We felt Proofpoint product was easier to use and administer. Proofpoint also had better features like PhishAlarm button, VAP reports, TRAP etc.
Chose Proofpoint Security Awareness Training
Proofpoint is not on par with its competitors.
Chose Proofpoint Security Awareness Training
We ultimately chose Proofpoint because it was the best fit for our company with regard to our internal technology, processes, and budget. However, the other products we reviewed all had their strengths.
Chose Proofpoint Security Awareness Training
I think that Proofpoint Security Awareness Training pricing is one of the main reasons that we went with them. We only have the lowest tier, and it does a pretty good job for what we pay. We are using Proofpoint for our email security solution, so we ended up saving some money …
Chose Proofpoint Security Awareness Training
Their support was what really drew us to them.
Chose Proofpoint Security Awareness Training
I have used both and can say they are comparable. KnowBe4 has all the content out there for the admin to add but Proofpoint only had a limited number of courses available per the contract. Seems like KnowBe4 has more content or allows more per bundle.
Chose Proofpoint Security Awareness Training
The decision was based on the ease of use and the better security awareness material at Proofpoint.
Chose Proofpoint Security Awareness Training
We have not used other security training. Proofpoint Security Awareness Training has been our first selection. We have been happy with the purchase! We have also created some training in-house, but we like that Proofpoint gives us the flexibility to train our staff on other …
Chose Proofpoint Security Awareness Training
We have selected Proofpoint Security Awareness Traning to work on the major weakness of the cybersecurity chain (human factor). We believe that working on the human factor is fundamental to achieve our goals.
Chose Proofpoint Security Awareness Training
We initially shopped two products: Proofpoint Security Awareness Training (at the time, it was called Wombat) and Cofense PhishMe. After some extensive internal testing in the IT department, we concluded that Proofpoint's robust reporting and pre-baked content (tests, guides, …
Chose Proofpoint Security Awareness Training
The "Managed Service" (a dedicated ProofPoint Account Rep c/w weekly status calls) significantly reduces the resource demand on the area within your company managing the program. The KnowBe4 Platform does all the same stuff (Training Modules, Reports, ThreatSim Tools), but you …
Chose Proofpoint Security Awareness Training
Wombat is our first security awareness vendor
Chose Proofpoint Security Awareness Training
Proofpoint was the only company we looked at. We had heard from other companies using the product how great it was and we were excited to implement it. I don't think there is another company that is in the market place that even comes close to what they offer. We are happy …
Chose Proofpoint Security Awareness Training
Our team decided to go with Proofpoint prior to me being involved, so I was not involved in the assessment. However, I do believe that PhishMe was the tool that we used before. I am not sure of the exact reasons for the switch, but we are very happy with Proofpoint.
Chose Proofpoint Security Awareness Training
I think Wombat beats most of its competitors by default by simply being another piece of the Proofpoint security platform. Other phishing platforms do not have this additional piece, so you will end up paying for a phishing awareness software and also an email security platform …
Chose Proofpoint Security Awareness Training
At the time we selected Proofpoint (Wombat) they appeared to have the best solution. They have a simple to use interface and the phishing platform was quite impressive. However, over time I have found that their training catalog is not as large as it could be. KnowBe4 has …
Chose Proofpoint Security Awareness Training
We selected Proofpoint, because originally Wombat was a local company to us and many people in the area were using the product. It got great reviews from others technology directors in our area, which made the decisions easy to make.
Chose Proofpoint Security Awareness Training
We already used ProofPoint so we thought it would be a better fit. The other products may have looked better but pricing was good. Do not increase pricing.
Chose Proofpoint Security Awareness Training
I think Proofpoint's design and training are the best in the bunch, but the other products certainly hold their own.
Chose Proofpoint Security Awareness Training
Peer input, piloting with a number of key users, previous positive experience with Wombat training and financials supported our choice for Wombat.
Chose Proofpoint Security Awareness Training
Proofpoint Security Awareness Training -- Wide offerings (training, simulated campaigns, report phish button, phish analyzer); invaluable integrations with TRAP & Phish Alarm/Analyzer; incredibly helpful and kind support, very quick to assist & knowledgeable. PSAT was and …
Chose Proofpoint Security Awareness Training
Proofpoint's platform is way ahead of that of Deloitte, has far more training modules and flexibility.
Features
Cofense PhishMeProofpoint Security Awareness Training
Security
Comparison of Security features of Product A and Product B
Cofense PhishMe
7.8
Ratings
9% below category average
Proofpoint Security Awareness Training
9.0
Ratings
5% above category average
Single sign-on capability7.40 Ratings9.00 Ratings
Role-based user permissions8.20 Ratings9.00 Ratings
Security Awareness Training
Comparison of Security Awareness Training features of Product A and Product B
Cofense PhishMe
7.3
Ratings
15% below category average
Proofpoint Security Awareness Training
9.4
Ratings
11% above category average
Training Content Library7.20 Ratings10.00 Ratings
Multilingual Training Content7.10 Ratings9.00 Ratings
Training Gamification7.10 Ratings9.00 Ratings
Industry-Specific Security Training7.80 Ratings9.00 Ratings
Individualized Security Training Plans6.90 Ratings9.00 Ratings
Phishing Simulations7.20 Ratings10.00 Ratings
Security Reporting8.00 Ratings10.00 Ratings
Integration with Security Tech Stack7.30 Ratings00 Ratings
Best Alternatives
Cofense PhishMeProofpoint Security Awareness Training
Small Businesses
Barracuda Email Protection
Barracuda Email Protection
Score 10.0 out of 10
Barracuda Email Protection
Barracuda Email Protection
Score 10.0 out of 10
Medium-sized Companies
Hoxhunt
Hoxhunt
Score 9.5 out of 10
Hoxhunt
Hoxhunt
Score 9.5 out of 10
Enterprises
Hoxhunt
Hoxhunt
Score 9.5 out of 10
Hoxhunt
Hoxhunt
Score 9.5 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cofense PhishMeProofpoint Security Awareness Training
Likelihood to Recommend
8.7
(0 ratings)
9.0
(0 ratings)
Likelihood to Renew
9.1
(0 ratings)
7.3
(0 ratings)
Usability
7.3
(0 ratings)
8.6
(0 ratings)
Support Rating
9.1
(0 ratings)
8.3
(0 ratings)
Online Training
9.1
(0 ratings)
-
(0 ratings)
Implementation Rating
8.2
(0 ratings)
-
(0 ratings)
Vendor post-sale
9.1
(0 ratings)
-
(0 ratings)
Vendor pre-sale
9.1
(0 ratings)
-
(0 ratings)
User Testimonials
Cofense PhishMeProofpoint Security Awareness Training
Likelihood to Recommend
It's a very apt tool for the scenario where there are multiple users and verticals in an organisation. Phishing Campaigns and recording their response actions is quite easier through this tool. Not suitable for a small organization (less than 500) that can maybe use some open tools or self-made emails for campaigns.
Read full review
I think that Proofpoint is the best product on the market for Security Awareness Training. They make it easy, they have taken all the guess work out of it. You are supplied with everything you need to have a successful program and you don't have to be a "teacher" to do this. They have taken all of the guess work out of it.
Read full review
Pros
  • Easy to Navigate GUI - easy to create and run scenarios
  • In depth reporting - Ability to provide detailed reports by department, title, etc. for follow-up training
  • Adoption of new technology - new additions such as Responsive Delivery and Recipient Sync allow less overhead for running scenarios
  • Introduction of new templates - new templates being introduced all the time to keep up with currently seen campaigns
Read full review
  • The report phish Outlook add-in button has had a positive influence on our users. We have many users regularly reporting suspect phish emails.
  • The templates for the phish campaigns are very up to date, using real life recent phishing attacks. This makes our phishing campaigns much more realistic.
  • The training modules from PSAT are very effective and useful with our LMS system.
Read full review
Cons
  • Many of the URLs come in with an unknown reputation and although it may be challenging from threat intel feeds, somehow allowing a more in-depth analysis of the URL can provide better/quicker decision making or validation.
  • Adjustable widgets for reporting, although the provided are already built very well.
  • Provide in-house templates or summaries of actionable items, such as a single brief on a major phish.
Read full review
  • The platform provides options for many different reports (with some customization options), however, there are reports that I would want that are not available.
  • Adding new staff (we have a lot of turn-over) into an existing training plan can be cumbersome for the system administrator. Although End-User Sync can be set-up to "add" new users to the system, the new users still need to manually be added to the assignments and sent past assignments to complete. (NOTE: this was made more difficult because of our decision to implement a training plan the way we did).
  • Some of the ThreatSim campaigns (simulated phishing or malicious attachment emails) will only work if you are using their PhishAlarm plug-in (add-on button for Outlook, etc. for users to easily report suspected threats). Our users access email by iPhones, Android, iPads, PCs, and Macs. PhishAlarm cannot be used for all of these platforms.
Read full review
Likelihood to Renew
No answers on this topic
  • The product is great for what we use it for
  • We have a good relationship with our vendor/Proofpoint, which I believe is needed to be successful in Security Awareness and using tools like this
  • The package/service as a whole is incredibly helpful
  • The integrations with Proofpoint's Trap is one of the most valuable things we could do. It turns your entire email user base into members of IT security, to be on the look out to report cyber attacks, and have them pulled out of everyone's email if the email is condemed/found malicious.
Read full review
Usability
Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
Read full review
Overall, PSAT is integral to what we do. PSAT is a helpful tool to help us improve our employees ability to recognize, report, and respond to phishing. It works for us to use a longterm partner, who is incredibly helpful/supportive, and also bringing Proofpoint's greater cybersecurity & attack intelligence into PSAT. Honestly, we are pretty happy and would make the choice to go with PSAT again (we evaluated the major players in the space via Gartner's Magic Quadrant). The team behind the products are excellent and the product of itself is both intuitive and expansive. This combination allows us to reach our 10k+ employees who are located in over 20 countries
Read full review
Support Rating
I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
Read full review
I have never had any issues with receiving support and have always had my questions answered in a timely manner. When we do have suggestions, the support has been ready to step in and provide advice or take our suggestions seriously. But normally, there aren't any issues that come up when using this product.
Read full review
Online Training
It's a must, even if you are never going to use the tool. Cofense aims to provide phishing training first and tool second.
Read full review
No answers on this topic
Implementation Rating
There are some hiccups, but there are meant to be, when you implement something in a large scale enterprise.
Read full review
No answers on this topic
Alternatives Considered
PhishMe is a market leader in terms of phishing simulation solutions. The customization appears unmatched when compared with competitors and the support we have experienced from Cofense has been excellent. Phish me offers lots of realistic templates which are updated regularly which is far ahead of other solutions. Phish me also provides lots of detailed statistics as well as high-level numbers which are really useful for some clients who want details, and others who only want high-level overviews.
Read full review
The "Managed Service" (a dedicated ProofPoint Account Rep c/w weekly status calls) significantly reduces the resource demand on the area within your company managing the program. The KnowBe4 Platform does all the same stuff (Training Modules, Reports, ThreatSim Tools), but you (or your staff) need to do considerably more work to manage the Overall Program. The uplift in cost for this service is minimal.
Read full review
Return on Investment
  • From a normal user's perspective, it's an easy and fast, very very user-friendly phishing email reporting structure. No need to remember any email address, no need for sophisticated handling of malicious emails while sending/ reporting. Just a click and it is done.
  • From the admin and analyst point of view: Easy and clutter-free triaging pane, IOC reputation check facility, Rules and Recipes section for automation and focused triaging, Notification to the reporter based on the triaging done is really a helpful feedback loop.
  • Overall: Simple to handle, less learning curve, well managed, less administration time, fewer issues, less maintenance time.
Read full review
  • I don't think there are hard and fast numbers when it comes to Security Awareness ROI, as it would be next to impossible to come up with any defined metrics.
  • Phishing campaigns vary in their effectiveness, what I've found is that there is always something that will trigger your employees to click. Finding what that is for your company can help you train everyone to see the red flags.
Read full review
ScreenShots

Cofense PhishMe Screenshots

Screenshot of Image 1 – Board of Directors (BOD) report showcasing results of your phishing defense programScreenshot of Image 2 – Create New Scenario PageScreenshot of Image 3 – Intelligent Program Automation using PlaybooksScreenshot of Image 4 – Organizational Suspicious Email Reporting StatisticsScreenshot of Image 5 – Phishing Scam Announcement Templates