Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.
N/A
Hoxhunt
Score 9.5 out of 10
N/A
Hoxhunt, headquartered in Helsinki, empowers employees to shield their organisations with adaptive learning flows that transform how employees react and respond to the growing amount of phishing emails.
N/A
Pricing
Cofense PhishMe
Hoxhunt
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense PhishMe
Hoxhunt
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
Optional
Additional Details
—
—
More Pricing Information
Community Pulse
Cofense PhishMe
Hoxhunt
Features
Cofense PhishMe
Hoxhunt
Security
Comparison of Security features of Product A and Product B
Cofense PhishMe
7.8
Ratings
9% below category average
Hoxhunt
9.8
Ratings
14% above category average
Single sign-on capability
7.40 Ratings
9.80 Ratings
Role-based user permissions
8.20 Ratings
9.70 Ratings
Security Awareness Training
Comparison of Security Awareness Training features of Product A and Product B
It's a very apt tool for the scenario where there are multiple users and verticals in an organisation. Phishing Campaigns and recording their response actions is quite easier through this tool. Not suitable for a small organization (less than 500) that can maybe use some open tools or self-made emails for campaigns.
If emails are used for confidential communication, Hoxhunt is a HUGE benefit. I have caught myself feeling lax over emailing and clicking links. Hoxhunt makes you really evaluate safety and legitimacy of the emails that are received. We even have laughs about it at staff meetings where staff admit to getting "hoxhunted" and clicking a fake link.
Training Packages - They cover a wide range of topics that spam emails, social media and physical security such as USB sticks
Achievements as incentives - The gaming style of collecting achievements and stars for reporting emails or completing training incentivizes people to engage in a consistent and enthusiastic way.
Training Emails - They are able to replicate phishing emails in a realistic way, so it isn't easy to spot straight away meaning we now look at every email with a critical eye which makes us safer.
Many of the URLs come in with an unknown reputation and although it may be challenging from threat intel feeds, somehow allowing a more in-depth analysis of the URL can provide better/quicker decision making or validation.
Adjustable widgets for reporting, although the provided are already built very well.
Provide in-house templates or summaries of actionable items, such as a single brief on a major phish.
More training opportunities - The Hoxhunt page itself only has a few training modules which I have completed already
An even spicier spicy mode - Scammers are always evolving, so I want to be able to identify the toughest phishing attempts.
Eliminate "missed" emails. Sometimes I don't read my inbox right away. I don't think emails should count as "missed" just because I didn't report it within a few days.
Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
it is very easy to use. it is clear and provides information as to why the type of email is one to look out for. It automatically takes you to the required information when you have spotted that it is a Hoxhunt email.
I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
PhishMe is a market leader in terms of phishing simulation solutions. The customization appears unmatched when compared with competitors and the support we have experienced from Cofense has been excellent. Phish me offers lots of realistic templates which are updated regularly which is far ahead of other solutions. Phish me also provides lots of detailed statistics as well as high-level numbers which are really useful for some clients who want details, and others who only want high-level overviews.
Symantec was something I used in my previous company, it had some issues once in a while where I had to re-generate the code for my new ID. I know its for over all protection, but if I didn't have my phone that day, I'd be unable to log in. Hoxhunt helps that way as there is a SSO authentication and needs the fingerprint, I guess it works different for different companies based on their regulations and privacy protection. Haven't really used any other tool like this
From a normal user's perspective, it's an easy and fast, very very user-friendly phishing email reporting structure. No need to remember any email address, no need for sophisticated handling of malicious emails while sending/ reporting. Just a click and it is done.
From the admin and analyst point of view: Easy and clutter-free triaging pane, IOC reputation check facility, Rules and Recipes section for automation and focused triaging, Notification to the reporter based on the triaging done is really a helpful feedback loop.
Overall: Simple to handle, less learning curve, well managed, less administration time, fewer issues, less maintenance time.
I have been able to identify and report 3 real scam emails thanks to Hoxhunt.
Unfortunately I have no data of the overall company's benefit with regards to the use of Hoxhunt.
The training has also been helpful to me in my personal email. I think that helps with work productivity, because I haven't been in the situation where I'm worrying about having been scammed outside of work.