REVIEW

Proofpoint Essentials Security Awareness Training

Editor's Score
4/5

By Craig MacAlpine
Updated Mar 24, 2023

Proofpoint Logo

Expert Insights Verdict

4/5

Proofpoint Essentials Security Awareness Training (SAT) offers effective content-based training on how to identify email phishing attempts, alongside simulated phishing campaigns to test users’ responses to phishing threats. The platform doesn’t offer a way for users to report simulations, which means that they are punished for failing simulation campaigns, but not rewarded for a correct response. However, the expansive content library (available in a variety of languages) and friendly interface make Proofpoint Essentials SAT a strong solution for SMBs.


Pros
  • Easy to navigate with a user-friendly interface
  • Seamless integration with Proofpoint Essentials Email Security for simplified user management and billing
  • Wide range of training content

Cons
  • No “report phishing” button for users to report simulations
  • Focuses solely on email phishing

Overview

Proofpoint is the world’s largest email security provider, delivering protection to the top five banks globally and more than 50% of the Fortune 100. Proofpoint Essentials is their solution designed for small- to mid-sized businesses, delivering enterprise-grade security at an accessible price point. Essentials comprises two main products: email security and security awareness training. Proofpoint Essentials Security Awareness Training provides businesses with an extensive library of training materials, as well as enabling them to run simulated phishing campaigns, in order to train their users to identify and correctly respond to phishing attempts.

Discover Proofpoint Essentials - Small Business Cyber Security

Key Features

Training Content

Proofpoint offers a wide range of training content in a variety of mediums and covering a range of different topics, including compliance. Training materials can be assigned automatically if a user fails a simulation, or on demand for all users. Proofpoint’s content library includes videos, images and articles, and materials are available in 35 languages, making them highly accessible independent of preferred learning style or language. Videos are between 10-20 minutes long—more difficult for users to consume than the 2–3-minute micro-learning videos that are becoming increasingly popular across the industry.

Phishing Simulations

From the dashboard, admins can create phishing simulations using Proofpoint’s expansive template library, or set up their own campaigns from scratch. Proofpoint’s simulation templates are based on real phishing attacks detected by their global threat engine, training users to identify the most current threats. If a user clicks on a simulation link, Proofpoint delivers just-in-time learning, displaying a video explaining how the user should have responded and why. These videos are customizable; admins can choose which video should be shown, which language it should be delivered in, and whether users should also be offered textual guidance. Generally, Proofpoint’s simulations are very effective. However, the Essentials platform doesn’t currently offer a way for users to report phishing emails. This means that they’re penalized for failing simulations by clicking on a link, but cannot be rewarded for correctly identifying a phishing email.

Management And Reporting

The platform offers native Active Directory sync, making it easier for admins to manage users across their email security and training products—particularly if using Proofpoint Essentials Email Security. However, because of this automatic syncing, Proofpoint Essentials SAT pulls in alias email addresses as well as primary email addresses, so it’s important that admins make sure they aren’t setting training for aliases. On completion of campaigns, admins can access a range of simple reports into campaign results.

Ease Of Use

Proofpoint offers Azure Active Directory sync, making it easy to set up and integrate users, and ensuring that users are onboarded automatically. To ensure simulations aren’t blocked by Microsoft Defender for Office 365, admins must add IP addresses and sending domains to an allow list. Once deployed, Proofpoint’s simple interface is easy to navigate. Admins can create simulated phishing campaigns from a broad range of off-the-shelf templates, or create custom, targeted campaigns by uploading the content of genuine emails they’ve received. Proofpoint then rewrites any links in the email to turn it into a phishing campaign. Proofpoint doesn’t offer automated campaigns. While the interface makes it easy to create simulations and assign training, it lacks sophistication when it comes to reporting; some manual work is required to be able to easily interpret the data—particularly when working with large volumes of reports.

Best Suited For

We recommend Proofpoint Essentials Security Awareness Training to SMBs, and particularly those already using the Proofpoint Essentials Email Security Solution as there’s little cost to add it on to their existing subscription, and it requires little effort in terms of setup when the email security product is already deployed. Proofpoint Essentials SAT is ideal for SMBs looking for easy-to-manage phishing simulations with diverse, out-of-the-box training content. It’s broad content library and lack of “report phishing” button make it best suited to businesses prioritizing training over simulation reporting. In addition, the platform offers little automation; campaigns must be set up manually, and generating reports requires some manual work. Because of this, we’d like to note that SMBs interested in Proofpoint’s solution need to be able to dedicate time to managing simulation campaigns and creating the specific reports they need from Proofpoint’s metadata.

Final Verdict

Proofpoint Essentials SAT is a lower-cost option compared to Proofpoint’s Enterprise SAT product (formerly Wombat Security), offering a slightly reduced feature set. The platform is effective at training users on how to identify phishing attempts, though doesn’t offer an in-built “report phishing” button to enable users to respond to simulations by reporting them. Because of this, users are penalized for clicking on simulation links, but not rewarded for a correct response. However, the expansive content library and ease of navigation make it a strong solution for SMBs looking for comprehensive phishing training on a range of topics. To get the most out of the platform, we recommend that businesses considering Proofpoint Essentials SAT considering buying through an MSP, as this will drastically reduce the management overhead required to run effective simulation campaigns.


CEO and Founder, Expert Insights

Craig MacAlpine is CEO and founder of Expert Insights. Before founding Expert Insights in August 2018, Craig spent 10 years as CEO of EPA cloud, an email security provider acquired by Ziff Davies, formerly J2Global (NASQAQ: ZD) in 2013, which has now been rebranded as VIPRE Email Security. Craig has extensive experience in the email security industry, with 20+ years of experience helping organizations to stay secure with innovative information security and cyber security solutions. Craig delivers these insights to readers with detailed product reviews, comparisons and buyers’ guides.

Company Information
Category Icon
Category

Security Awareness Training

Website Icon
Website

proofpoint.com

Founded Icon
Founded

2002

Headquartered Icon
Headquartered

Sunnyvale, California, US

Suitable Icon
Suitable

SMBs

Proofpoint Essentials Security Awareness Training Awards
Product Award Product Award Product Award
Proofpoint Essentials Security Awareness Training Interviews
Ryan Kalember
Why People Need To Be At The Center Of The Enterprise Cybersecurity Strategy
Read Here
Top Rated Proofpoint Essentials Security Awareness Training Alternatives
Product Image

ESET Cyber Security Awareness Training

4.8/5

Product Image

Phished Automated Cybersec Awareness Training

4.5/5

Product Image

IRONSCALES Security Awareness Training

4/5

Product Image

PsySec Security Awareness Training by Hook Security


Product Image

SafeTitan

Do you work for Proofpoint Essentials Security Awareness Training?