The AWM platform enables companies to carry out realistic phishing simulations. This allows employees to gain practical experience and improve their skills in recognizing and dealing with phishing emails, which significantly reduces the risk of successful phishing attacks.

Protect yourself now against all types of phishing simulations with our wide range of sensitization solutions.

• Drive-by phishing: In this simulation, the user is tricked into clicking on a link to a simulated malicious website. When the user clicks on the link, they are taken directly to a teachable moment.
• Phishing for data entry: This simulation attempts to trick the user into entering their login credentials or other information on a fake website. Users are then sent to a teachable moment.
• Phishing simulation with attachments: This simulation is designed to trick the user into opening a simulated malicious PDF, DOCX, DOC, HTML or XLSX file attachment. When the employee opens the file, a teachable moment is displayed.
• USB simulation: A physical USB stick is used here to simulate a hardware-based malware attack. After connecting the USB stick and opening the file, the user is forwarded directly to a teachable moment.

The AWM platform offers a wide range of over 104 education and training modules that provide knowledge about cybercrime, social engineering and other security aspects in an interactive and engaging way.

These modules, in over 42 languages, are specifically designed to continuously raise employees’ awareness and strengthen their security skills.

Our education and training modules offer something for everyone: whether you are new to the subject or already an expert, we have the right target group category for you. Choose between basics, beginners, advanced and experts to build up or deepen your knowledge – depending on your individual level of knowledge and skills.

Discover the diversity of adaptive learning! Our different categories of knowledge transfer have been developed to meet your individual learning goals. No matter what topics you are interested in or what skills you want to develop, we offer customized content to help you reach your full potential.

• Email & Social Engineering: Phishing and social manipulation go hand in hand. In this section, we cover in detail threats from email-based phishing and social manipulation tactics. We also explore the use of emotional manipulation by attackers in other communication channels. Learners will gain experience in recognizing and avoiding scams, from the obvious to the more sophisticated.
  
  
• Mobile devices: Mobile devices are playing an increasingly important role in our lives, both personally and professionally. This section covers best practices for protecting mobile devices and the data they contain, as well as ways to respond to potential incidents. Learners will understand the security risks associated with Wi-Fi, Bluetooth and other mobile technologies, as well as the implications of interacting with malicious applications and other dangerous content.
  
  
• Cloud & Internet Security: Accessing information, resources and services via the internet and cloud is necessary for organizations, but not without risk. This area covers threats in the online and cloud space with a focus on developing learners’ ability to recognize potentially malicious content. Learners will understand their role in protecting their own security online, including on social media and when using cloud-based resources.
  
  
• Password & Authentication: Secure authentication is required to protect the integrity of information, resources and services. This section covers options for securing devices and accounts as well as how to detect and respond to compromised accounts. Learners will understand best practices for creating, storing and updating passwords, as well as recognizing and countering illegitimate attempts to access their credentials or accounts.

• Data Handling & Security: Secure data handling is at the heart of every organization’s mission, not just its security program. This section introduces data classifications and explains key practices for protecting organizational and personal data both in transit and at rest. Learners will understand the impact of unauthorized disclosure and recognize their role in handling data securely throughout its lifecycle.
  
  
• Physical Security & Remote Working: Implementing physical security measures as part of a defense-in-depth strategy becomes more complex as an organization’s workspaces become less centralized. This area covers traditional physical security measures in the workplace as well as physical and cybernetic controls that should be applied when working from home or traveling. Learners will understand their role in protecting physical and digital assets both inside and outside of a conventional working environment.

• Insider Threats: Every organization needs employees to function effectively, but not all employees act in the best interests of their organizations. This area covers motives, impacts and potential indicators related to insider threats. Learners will understand both intentional and unintentional insider threats as well as actions they can take to reduce the risk in their organization.
  
  
• Compliance: Organizations ensure that controls are in place to be aware of and meet applicable legal, regulatory and contractual compliance obligations as well as internal company standards. This area will review the underlying principles of compliance standards as well as provide more detailed information on specific frameworks. Learners will understand their own role in compliance and how to raise concerns or potential breaches.

• Security Organization: Although security is everyone’s responsibility in an organization, there are individuals, teams and processes that work to enable the adoption and support of a security culture. This section covers the technologies, policies, procedures, expectations and responsibilities that make up security operations.
  
  
• Secure Developer: Developers face the challenge of creating, updating and supporting software in an ever-changing threat landscape. This section introduces common vulnerabilities and security pitfalls. It also covers best practices in the secure development lifecycle that address widespread risks.

By conducting regular knowledge checks, companies can monitor employees’ learning progress and offer targeted material to identify and close knowledge gaps.

This promotes continuous improvement in safety awareness and helps to ensure that employees are always up to date with safety risks and procedures.

To ensure that knowledge assessment is effective and that employees are actively involved, we offer different types of knowledge checks. This variety allows employees to test and deepen their knowledge in different ways, which contributes to a more comprehensive and sustainable learning and development strategy.

The AWM platform includes an intuitive dashboard that provides a variety of key figures for evaluating and analyzing simulations, knowledge transfer and knowledge queries.

These can be evaluated either anonymously or user-based. The platform also allows you to export the results and display graphics to give you a quick overview.

The reporting provides detailed information on how many employees opened emails, clicked on links or even disclosed their user data during the simulation. It also logs which employees have opened file attachments, giving you a comprehensive overview of your employees’ behavior.

In the platform, each employee can be assigned specific roles with different functions. This ensures that the administrative rights are correctly distributed according to the respective responsibilities. The following roles and functions are available to you:

• Tenant Administrator
• ReportingAdministrator
• Training Administrator
• Phishing Administrator
• User Administrator

The administration and creation of users requires the mandatory attributes first name, surname and e-mail address. In addition, optional attributes such as department, area and entry date can be added. This information ensures that your measures reach the right recipients. User groups are automatically created based on the defined attributes. Specific phishing simulations and knowledge transfer can be assigned to each user group to enable targeted training and awareness-raising.

User management can be handled manually or automatically via an interface connection.