Introducing three new products and Hoxhunt 2.0: The comprehensive Human Risk Management Platform

It’s not why. It’s how. The Hoxhunt mission to counter people-targeted attacks with a people-first approach is unchanged. But our platform has dramatically evolved beyond the awareness and compliance category to measurably change behavior and reduce human risk, which is responsible for 83% of data breaches according to the Verizon DBIR. Conceived in 2016 as a people-first security awareness and phishing training solution, the new Hoxhunt Human Risk Management Platform extends our mission by comprehensively facilitating compliance, security behavior change, and enhanced threat detection and response capabilities. And it's all automated to achieve resilience without resources. Here’s why that matters.

Post hero image

Table of contents

Passing a quiz or watching a snazzy video about cybersecurity doesn’t actually foster new skills in employees, grant visibility to security teams, or lower risk for organizations. So why stop at awareness and compliance when you can harness human intelligence and stop threats in their tracks?

In today’s cybersecurity landscape, humans are targeted more often and by increasingly more sophisticated attacks. One bad click can compromise the whole ecosystem and corrupt the surrounding supply chain. Hackers are targeting people to take you and your ecosystem down. That’s why solutions should target people too, and not just for compliance.

Just look at what’s stated in the Nov. 16, 2022 Gartner report, Innovation Insight on Security Behavior and Culture Program Capabilities, in which Hoxhunt is recognized as a representative provider.

Gartner Innovation Insight on Security Behavior and Culture Program Capabilities Report. Screenshot and call-to-action to view report
New capabilities are emerging to meet the demand for improved human risk management. These security behavior and culture programs (SBCP) capabilities focus on risk reduction via tangible employee behavior management. Innovative solutions build their services based on behavioral science principles, and use data analytics and automation to reduce risk exposure via measurable culture change.

– Innovation Insight on Security Behavior and Culture Program Capabilities, Gartner


What if one platform could do it all? Imagine being able to exceed compliance; create lasting behavior change; and ultimately boost threat detection and response capabilities. Such an integrative, multi-functional approach is possible. And it’s a game-changer.


“Before Hoxhunt, we didn’t know what kinds of spam and phishing emails our users were getting. We trained users to delete suspicious emails. But now, with Hoxhunt, it’s a game changer because we tell employees to report all suspicious emails. This gives us visibility into ongoing real phishing campaigns so we can react with activities like URL blocking and IP address blacklisting."




The Hoxhunt Human Risk Management Platform: a protect-detect-respond engine


Hoxhunt, already the world’s leading security awareness and phishing training solution according to G2, is introducing three new products for our revamped, AI-enabled platform. Each product is designed to work together to achieve greater resilience with fewer resources.

Today’s CISO knows that stopping at awareness for regulatory and audit compliance means falling short of the real goal: improving risk posture. And that goal is more critical than ever as attacks get fiercer while cybersecurity insurance gets thinner and regulations get stricter. The AI-enabled platform offers three new products that can be aligned with an organization’s security maturity.

  • The new Comply product enables security awareness programs to be delivered automatically, with minimal hassle and effort. From choosing the curriculum to customizing training content, Hoxhunt Comply lets security leaders build a comprehensive program at the click of a button. 
Hoxhunt Comply product view example.
  • The Hoxhunt Change product is an enhanced version of our core security awareness and phishing training, but combined with instant feedback, which ensures that employees continue to learn and are rewarded for reporting threats even in the real world when they detect real threats with the Hoxhunt button. The AI platform delivers individualized, adaptive training experiences for employees at the edge of their skill levels. The platform assesses and expands individual abilities with quick micro-training nudges based on in-the-moment responses to both real and simulated phishing attacks. 
Hoxhunt Change product view example.
  • Respond helps make sense of the threat feed to the SOC and automatically pinpoints the incidents that need attention. The Hoxhunt platform analyzes over 93,000 newly reported threats every day that have bypassed traditional security technology layers.
Hoxhunt Respond product view example.

Hoxhunt is the one platform designed to induce exponential increases in threat reports and automatically analyze them. Once people learn to report suspicious emails as a reflex, the Hoxhunt AI automatically classifies the deluge of threat reports to stop attacks before they spread and let the security team focus on the incidents that matter.  

"One Fortune 500 US tech company compared phishing simulation results of their 1,000 worst performers, who were trained with Hoxhunt for three months, against 1,000 of their best. The overall population had an 11.5% fail rate and 29% success rate, while the Hoxhunt test group performed at 8.6% fail rate and 41% reporting rate. Before Hoxhunt, the test group consistently showed fail rates from 30% to 50% in tests and dreadfully low reporting rates. Few results have better demonstrated exponential improvement of cyber behavior."

– Mika Aalto, co-Founder and CEO of Hoxhunt

Another leading US tech company has reported to leadership that they actually save four FTEs of SOC analyst work a month by using the Hoxhunt Response platform to automatically categorize and prioritize the thousands of monthly threat reports from the company’s tens of thousands of employees.

This union of human intelligence and AI has inspired Finland’s largest telecom provider to reconsider employees as “human threat detection sensors.” In a benchmark study, they independently performed comparing phishing simulation failure rates of 2000 traditional awareness-trained employees against 1,000 Hoxhunt-trained employees, the Hoxhunt users were 20 times less likely to click on a malicious link (failure rate of 1% vs. 20%).

Benchmark study. Hoxhunt-trained employees were 20 times less likely to click. Bar graph illustration.
“We started with security awareness but later, as the Hoxhunt Response Platform developed, we integrated awareness results into our core security stack. Our awareness threat intelligence helps drive our board reporting and security strategy. As our employees began reporting more and more real threats, we realized we were developing a human sensor network. With the automation of the Response Platform, Hoxhunt provided a good way to connect the technology with the people and processes of our security system and improve overall threat detection and response.”



The Hoxhunt Human Risk Management Platform is designed to understand your people in order to transform them into security assets. For the first time, people can be integrated into the security stack for next-level threat detection and response capabilities.

World Economic Forum, The Global Risks Report 2022. Statistics from page 45.
“Hoxhunt is different from the competition because it integrates the human layer with the technology layer. It connects people, processes, and technology. People must be in the center of everything and with Hoxhunt, the people are in the center and integrated as critical elements of the security tool stack.”
Manfred W., Information Security Officer


According to the World Economic Forum, 95% of data breaches can be traced back to human error, mostly from clicking on targeted phishing attacks. Hoxhunt delivers high-ROI resilience with minimal resources by automatically integrating human threat intelligence—which is the only way to catch the millions of sophisticated phishing attacks that evade technical filters each year—into the security stack.  

“Employees are often overlooked as a part of an organization’s security stack and attackers continue to exploit this oversight. They count on employees receiving generic awareness training geared for corporate compliance goals, initiatives which fail to alter employee cyber behavior or create threat detection skills. Attackers target people, and Hoxhunt was established to do the same but as a solution. With our human risk platform, organizations can significantly alter their employees’ security skill levels to create a strong human threat detection engine when attackers bypass technical layers.” 

– Mika Aalto, Co-Founder and CEO at Hoxhunt.


Hoxhunt’s full-stack, AI-driven platform delivers: 
  • Increased Visibility: Provides visibility into the true risk of an organization’s human layer and the threats that have (or could have) infiltrated their systems.  
  • Measurable Risk Reduction: Hoxhunt transforms employees into security assets, creating a global human threat sensor network to detect and eliminate email threats that slip past your technical protections. Hoxhunt drives the failure rate to just 2%, compared to 25% when using alternative phishing tools. 
  • Streamlined Reporting: Maintains full control and visibility of employee training progress across departments, automatically generating reports that CISOs can utilize to translate program value and improvements in organizational security posture. 

Since its inception, Hoxhunt has helped some of the world’s leading companies graduate from security awareness training into security behavior change and human risk management, including Airbus, DocuSign, Kaercher, and Victorinox. The company has also received numerous accolades in recent months. Hoxhunt was named a Best Software Company (EMEA) by G2 and received three awards from TrustRadius for security excellence.  

To see Hoxhunt in action, please visit: 


About Hoxhunt 

Hoxhunt helps security leaders and employees join forces to prevent data breaches. Hoxhunt is a Human Risk Management platform that goes beyond security awareness to drive behavior change and measurably lower risk. Data breaches start with people, so Hoxhunt does too. It combines AI and behavioral science to create individualized micro-training experiences people love. Employees learn to detect and report advanced phishing attacks. Operations teams respond fast with limited resources. And security leaders gain outcome-driven metrics to document reduced cybersecurity risk.  

Want to learn more?
Be sure to check out these articles recommended by the author:
Get more cybersecurity insights like this