Phishing Training Designed for People. Built for Enterprise.

Cognitive automation enables individual learning paths that motivate people to recognize and report real attacks.

Your biggest security risks start with email​

90% of breaches start with email. Focus your training where it's needed most.

Email-based threatsEmail-based threats

Build on success. Learn from failure.

Punishment-based training doesn’t work. Hoxhunt rewards people with gold stars for success and gives microtrainings after failure to build skills along a gamified learning journey.

Behavior training has 1 to 3 microtrainings / month
Rewards employees for successful responses, and automatically re-inforces lessons after failures
Training on success and failure
Continuous microtraining with awards

Training individuals, not groups

Learning happens at the boundaries of knowledge, which Hoxhunt expands with individualized training. Not too hard. Never too easy. Always engaging.

Hoxhunt gives automated reinforcement training on weakest skills
Hoxhunt automatically selects attacks based on employee's skill, role and location
Hoxhunt automatically creates individual learning paths for each employee
Adaptive phishing training

Bite-sized experiences, not tedious e-learning.

Hoxhunt assesses and expands individual abilities with quick micro-trainings based on in-the-moment responses. This motivates long-term engagement and optimal email behavior.

Individual reward mechanism enables progression of skill
Game mechanics designed to reward active reporting behavior
Lightweight, high frequency training, enabling in-the- moment learning
Instant feedback on phishing report

Turn real phishing emails into powerful training experiences.

Employees are rewarded in real-time with in-the-moment analysis of the real email attacks they've just reported.

Reduces employee incident burden with real-time analysis
Enables in-the-moment training for zero-day threats that have never been seen before
Employees receive immediate analysis and feedback for suspected threats
Microtraining awards

More than a tool

Hoxhunt automatically builds, trains and tunes the optimal training path for each one of your employees.

Automatically crafted C-level report handouts
Automated user provisioning and deprovisioning
Fully automated individual training
Automated phishing training
meaningful metrics

Increase the reporting rate up to 70%

Phishing reporting rate
Why is reporting rate so crucial, yet so underperformed?

Reporting email threats is fundamental to cybersecurity. The reporting rate correlates to overall risk of a breach. It is pivotal for measuring a program’s progress and effectiveness. And yet most employees lack a basic understanding of how, why, and what to report. Even if they recognize a phishing attack, they don’t know how to report it.

How do we turn that around?

Reward reporting and make it easy to do! Hoxhunt’s gamified phishing training is built on hitting the Hoxhunt reporting button. This hardwires threat reporting as an instinctive behavior. In both simulated and real attacks, employees are incentivized to use a single, simple process to report suspicious emails.

Reporting threats directly impacts security posture. Hoxhunt connects the threat feed to SOC to help stop active attacks and expedite discovery and remediation of real attacks. Enables feedback cycle to the technical filters.

Decrease the failure rate to just 2%

Phishing failure rate
Why is failure rate so misunderstood?

Failure rate is an important metric for evaluating risk-when done right! Over half the enterprise must participate actively and frequently, and the threat simulations must adapt to the user’s skill level over time. Low sample size yields an irrelevant risk assessment; while easy attacks will at best falsely satisfy an awareness program’s failure rate KPI.  Such empty metrics falsely portray the organization’s true risk and resiliency.

How do we turn that around?

Make the data meaningful. Our adaptive learning model is informed by 30 to 40 data points per employee per year, rather than the typical 4 to 12. Our personalized, people-based curriculum adapts to the user’s skill level over time to motivate engagement and increase awareness against all sorts of attacks. As a result, failure rate becomes directly correlated to true risk and resilience.

Increase the resilience rate to 35

Resilience rate calculation
Why is the resilience rate important?

This one, clear metric captures the overall performance of your phishing awareness program and the email security posture of your organization. High resilience means low risk. Resilience rate is the ratio of employees reporting attacks to those failing them.

What benefits are conferred by a high resilience rate?

Resilience rate is a handy metric for reporting risk posture and awareness training progress over time to leadership. Resilient employees are more likely to report attacks than fall for them, and a high resilience rate means your employees will collectively protect your company even if a few are vulnerable to attacks. With Hoxhunt’s adaptive training algorithm, the resilience rate becomes more meaningful over time as individual employees are challenged with increasingly sophisticated simulations.

read more about metrics that matter

The Guide to Cybersecurity
Training Metrics

Behavior-changing training is a measurable way to make
a positive impact on your defences.

Download the whitepaper