Security Awareness Training

Requesting the ability to set passing scores for managed assignments at the client level, rather than having them apply uniformly at the account level. This would make it easier to meet specific client requirements.

Hi, In the Monthly Reports, it would be greatly beneficial to show who clicked or opened a phishing scenario email. Our customers see a clicking percentage but want to see which user (email address) clicked the phishing link or opened the phishing email. Including which users clicked the links or opened the emails would save us time in manually generating the information for our customers. It would also prevent our customers from spending time reaching out to us to request that information. If the information cannot be included in the Monthly Reports then it would be nice to have the ability to automatically send custom reports to our customers (specific email addresses). Thank you, Mark Tetuan Network Technician Nex-Tech

Would like to have secure coding/ secure development training available with in a single platform along with Security Awareness training. This would assist us with being ISO 27001 compliant.

I would like to be able to mark training as completed. There are times where the user has completed the training but changes are made to the learners and they are sent the training again. This makes it show that the training has not been completed. It would be nice to be able to mark that user has having completed the training without them having to go through it again. Leonard Queen

We have instructed users to email any email they think is phishing to the phishing@ email address provided by Huntress. However currently there is no reply if the email didn't come from a phishing campaign email. We'd like those that are not succesfull reports of a campaign based phishing email to be forwarded to our support team so we can apply some actions due to it being an actual phish attempt.

Until now, I assumed since I saw 2 scenario's each month, that users were getting both of these scenario's delivered at random times throughout the month. Instead it appears there are two scenario's, and users get one of those randomly each month at random times. This seems like a waste of a good scenario and teaching moment. It would be great if there was an option to have both scenario's sent instead of just one.

Many insurers are requiring that users be enrolled in a service that provides general world/nation events regarding security. Would love to see something like this included in SAT. Setting to important, as the service is sometimes required by insurance. I would envision this being an email based service, where users receive a monthly list of recent events that is prettied up in an alerts. An example of a Threat Alert sent out this week (Week of November 11th) could be the following articles: https://www.bleepingcomputer.com/news/security/googles-mysterious-searchapp-links-leave-android-users-concerned/ https://www.cisa.gov/news-events/alerts/2024/11/07/cisa-adds-four-known-exploited-vulnerabilities-catalog https://www.securityweek.com/cisco-patches-critical-vulnerability-in-industrial-networking-solution/ https://www.securityweek.com/steelfox-miner-and-information-stealer-bundle-emerges/

I'd like the ability to either manually set the number of phishing templates used in the monthly managed phishing campaigns or perhaps just have it scaled up based on number of learners in the account. Currently, there are 2 templates chosen for each month. This is fine for small organizations but larger customers may find that these are too easy for the users to catch on to. For example, if there are 200 users, about half will get 1 template and the other half will get the 2nd template. It would be nice for an organization of this size to scale up to 4-5 different templates to keep the users on their toes.

Support confirmed the only ways to set up the new "Manager Notifications" feature are to select Learners and manually enter the Manager's email address, or to configure the "manager" field in your synced provider (e.g.: Entra ID). If you don't have Entra synced, or don't want to use the synced provider's "manager" field value for this setting, it would be nice to have a default "Manager" setting in SAT so you don't have to either rely upon the upkeep of a synced provider's directory or manually enable it for each user - that would be tough to keep up with.

Notify manager when one of their employees has clicked into the phishing email and how far they progressed, ie. compromised.