Proofpoint ThreatSim

Problems that solves

Risk of attacks by hackers

Decentralized IT systems

No IT security guidelines

Risk or Leaks of confidential information

Shortage of inhouse IT resources

High costs of IT personnel

Risk of data loss or damage


Ensure Security and Business Continuity

Manage Risks

Proofpoint ThreatSim

Engage your end-users and arm them against real-world cyber attacks, using personalized cybersecurity training based on industry-leading threat intelligence.


To educate end users without wasting time, you first need to identify their individual vulnerabilities, as well as broader cybersecurity concerns for your organization. Our ThreatSim® Phishing Simulations help you assess users’ susceptibility to phishing and spear-phishing attacks, with email templates based on real phishing lures spotted “in the wild” by Proofpoint threat intelligence. We also offer CyberStrength® Knowledge Assessments, a powerful web-based tool that helps you measure users’ understanding of critical cybersecurity topics and track progress over time, driving continuous improvement.

ThreatSim® tests your organization’s susceptibility to a variety of phishing and spear-phishing attacks. Unlike other phishing simulation tools, we provide Dynamic Threat Simulation phishing templates based on current lures spotted “in the wild” by Proofpoint’s industry-leading threat intelligence.

With thousands of different phishing templates across 35+ languages and 13 categories—and more added each month — you can evaluate users on multiple threat types, including:

  • Malicious attachments
  • Embedded links
  • Requests for personal data

Wide Variety of Customizable Templates

The ThreatSim phishing tool supports more than thousands of templates across more than 35 languages. Our variety of templates address three key testing factors: embedded links, requests for personal data, and attachment downloads (.pdf, .doc, .docx, .xlsx, and .html). Average failure rates calculated from assessments sent by all customers for each template are visible within the phishing tool, which allows administrators to gauge difficulty prior to campaign creation.

Dynamic Threat Simulation

Using real, “in-the-wild,” threat intelligence data from our Targeted Attack Protection, we deliver new ThreatSim phishing templates to help create simulated attacks that will challenge the user’s ability to respond to the most relevant threats. Administrators can customize the content in any template, or create their own. This flexibility allows organizations to quickly and easily create timely phishing tests that mimic threats seen in the wild and within their own networks.

Teachable Moments

We strongly suggest that all employees who fall for a ThreatSim Phishing Simulation be automatically presented with an “intervention message” (which we like to call a Teachable Moment). By utilizing “just-in-time teaching” at the moment an employee interacts with a mock phishing email, Teachable Moments explain what happened, outline the dangers associated with real attacks, and give practical advice about avoiding future traps.
We offer several formats — including static and animated landing pages, short videos, and interactive challenges — for our Teachable Moments and allow you to tailor the message as you see fit. A selection of static landing pages is available in 17 languages, which allows your global employees to view key messages in their native languages. You can also opt to route clicks to your own internal messaging.


We were the first-to-market with this time-saving and behavior changing feature that allows you to automatically assign follow-up training to anyone who falls for a ThreatSim Phishing Simulation. While you can still assign training to everyone, Auto-Enrollment allows you to quickly deliver targeted training to your most susceptible end users first. This approach can dramatically improve the efficiency of your program and engage those who need the most attention.

Multinational Support

Multinational support allows administrators to deliver simulated attacks and Teachable Moments in dozens if languages which means you can assess your global employees in their native language.

PhishAlarm and PhishAlarm Analyzer

Our PhishAlarm one-click email reporting tool is available to install at no cost. This email client add-in allows employees to report suspicious messages to your security and incident response teams with a single mouse click. We recommend adding our PhishAlarm Analyzer anti-phishing email analysis tool, which utilizes machine learning to prioritize emails reported via PhishAlarm and enables faster remediation of the most dangerous threats on your network.

System Click Exclusion

System Click Exclusion is a feature built into ThreatSim that identifies and isolates phishing simulation interactions initiated by email protection tools. This patented approach ensures an accurate view of risky end user behaviors and enables productive and efficient security education programs.

What does this provide?

  • Accuracy - A mechanism to ensure an accurate view of end user interactions (versus clicks from email gateways) in phishing simulations
  • Intuitive UI - An easy-to-use interface for creating System Click Exclusion rules for multiple system interactions based upon IP address or user agent
  • Reporting - Easily identify the interactions from systems instead of users to validate that all interactions are being captured
  • Integration with TAP - A seamless experience for Targeted Attack Protection (TAP) customers because the customer’s email protection tool clicks are already systemically whitelisted through existing integration between the ThreatSim product and TAP

Random Scheduling

This option allows you to spread out the distribution of phishing simulations to minimize the impact to your email servers and IT helpdesk. Paired with the ability to use multiple simulated attack templates in a single assessment campaign, these functions reduce the chances that employees will figure out – and discuss – the phishing test, which helps provide the purest test of end-user susceptibility.

Valuable Business Intelligence

ThreatSim provides extensive analytics and reporting about employee responses to various phishing attack scenarios. You’ll also know whether employees fell for an attack through a mobile phone, a tablet, or a computer; the browsers they were using; and their locations when they fell for the attack.

Weak Network Egress and Vulnerability Checks

ThreatSim offers an optional Weak Network Egress function, which can help detect data egress from users’ PCs and, as a result, allow security personnel to identify and modify security controls to reduce potential threats. Administrators can also check for browser vulnerabilities with the capability to flag out-of-date (and potentially vulnerable) third-party plug-ins on end-user PCs.

Transaction Features

Partner average discount

Deal protection

Average deal size

Average deal closing time

Scheme of work

 Scheme of work

User features

Roles of Interested Employees

IT Security and Risk Management

Chief IT Security Officer

Chief Information Officer