Security Awareness training FAQ

Security Awareness software training packages

Our Security Awareness software training package comprises of multiple products that contribute to the goal of driving security awareness:

  • uLearn, our cloud-based security awareness training courses for end users
  • uPhish, our simulated phishing solution
  • uBreach, our email exposure checking tool
  • uPolicy, our policy management solution

These solutions are all brought together by Risk Score, which provides an overall evaluation of your organisation’s current and past human cyber risk.

  • uLearn is a user-focused security awareness training solution that helps organisations drive secure employee behaviour.

    Packed with an extensive library of interactive, video and blog-style content, uLearn offers engaging and continuous computer-based training – easily managed through intelligent automation.

    With uLearn, you can:

    • Quickly deploy a continuous security awareness training programme
    • Reduce the likelihood of human-caused data breaches
    • Develop a security-minded culture that can combat modern-day threats
    • Cut remediation time and cost caused by internal cyber incidents
    • Aid your efforts in achieving regulatory compliance

    Some of uLearn’s key features:

    • Intelligent automation that eliminates repetitive admin tasks and ensures continuous user training
    • Extensive library of infosec, compliance and custom-built courses – with new additions each month
    • Individually-tailored programmes that identify and strengthen the user’s largest knowledge gaps first
    • Bite-sized courses – including video, interactive and blog-style content
    • Easily view user progress from your data-driven dashboard
  • uPhish is an intuitive cloud-based phishing software that enables you to quickly assess user vulnerability towards real-world phishing attacks.

    With uPhish, you’re able to identify which users are susceptible to both common forms of phishing and highly-targeted forms of ‘spear phishing’.

    With uPhish, you can:

    • Accurately determine user vulnerability towards phishing
    • Identify users that need urgent phishing awareness training
    • Reduce the likelihood of users falling victim to future phishing attacks
    • Develop a security-minded culture in your organisation

    Key features of uPhish:

    • Automated phishing (AutoPhish): uPhish can deploy regular phishing simulations with our new ‘AutoPhish’ feature – allowing you to assess user performance over time.
    • Realistic template library: Discover a library of phishing emails and landing pages impersonating trusted organisations, banks and more.
    • Create custom emails and landing pages: Craft your own simulated phishing campaigns, impersonate internal communications and more.
    • Inline training: Automatically send out additional training content to users who become compromised in phishing simulations.
    • Real-time tracking: See how your users interact with your simulations in real-time, giving you a key insight in how users will perform during a real attack.
    • In-depth reporting: View the individual performance of your users or assess your organisation in departments or as a whole – with custom reporting.
  • uBreach enables you to quickly identify exposed employee email accounts and identities that have been publicly disclosed online via third-party data breaches.

    With billions of credentials present in data dumps, paste sites and hacking forums, employees that sign up to third-party services with their work email address could be leaving your organisation at huge risk of social engineering, business email compromise (BEC) and other damaging attacks.

    With uBreach, you can:

    • Identify exposed employee accounts: uBreach identifies accounts that are exposed on paste sites, data dumps and hacking forums
    • Locate what employee data is exposed: Common data includes email addresses, passwords, usernames etc.
    • Help prevent data loss: Locating these at-risk accounts enables you to safeguard users from social engineering and BEC attacks
    • Obtain actionable steps: By using the security awareness software, uLearn, enables follow-up user training on security best practice

    How uBreach works

    • Step One: Conducts a deep web search through data dumps, paste sites and hacking forums
    • Step Two: Identifies users that have had account information exposed online
    • Step Three: Collates your users’ results into an easy-to-digest format, accessible from your usecure dashboard

    uBreach key features

    • Quick web search enables you to rapidly identity exposed accounts
    • Gathers high-level data (i.e., number of exposed accounts & source of breach) neatly into your usecure dashboard
    • View each user’s exposed data breakdown from their usecure profile
    • 100% free with your subscription
  • uPolicy allows you to easily create and manage your company’s policies.

    Having the right policies is essential for protecting your company. Policies help you set out your expectations for your employees in terms of security and their conduct in the workplace, as well as meeting compliance requirements and reducing risks.

    With uPolicy, you can:

    • Establish rules, standards and best practices for your employees and workplace
    • Ensure policies have been read and signed by all end-users
    • Contribute to a security culture and build a safe environment at your workplace
    • Aid your efforts in achieving regulatory compliance

    uPolicy’s key features:

    • Pick ready-to-go policies for your company: With our library of security policies that meet industry standards you won’t have to waste time writing policies from scratch.
    • Customise policies or create your own: You can customise our policy templates as you wish, or upload entirely new ones to meet your needs.
    • Upload your existing policies: Upload PDF files to transfer your existing policy set to the uPolicy library.
    • Easily send out policies to your end-users: Choose whether to send out policies to all users, individual users, or just to certain groups or departments, and ensure smooth roll out in just a couple of clicks.
    • Manage signing of policies: Once you have sent out your policies for signing, you can see how many users have signed the policy straight from the uPolicy dashboard.
  • Risk Score is a way to visualise the human threat to your organisation. It includes both an individual Risk Score for each of your users, and an overall Risk Score for your company.

    What is the benefit of Risk Score?

    Risk score allows you to assess the level of human error that your end-users are likely to commit. It allows you to gain an understanding of the general level of security awareness present in the organisation, as well as providing you a breakdown by group or department. This helps you assess whether training has been effective, and prioritise the most imminent gaps in awareness.

    How is Risk Score calculated?

    Currently (as of November 2019) Risk Score is calculated using uLearn performance. Course performance data is calculated to display an individual Risk Score for each user, as well as being aggregated together in the overall Risk Score to show a holistic overview of your organisation’s level of human risk.

    What do the scores mean?

    The Risk Score algorithm sorts all users into three categories: Low, Medium and High.

    • A user with a Low Risk Score has performed well in their training and has a good level of security awareness.
    • A user with a Medium Risk Score has had moderate success in their training and may be more likely to make security mistakes.
    • A user with a High Risk Score has a lower level of security awareness and is likely to need extra training and guidance to reduce the possibility of human error in situations where security is at stake.