This article presents the main components of SMARTFENSE and explains what each one is for.
1. Awareness and Evaluation
Groups the training and evaluation components designed to modify user behavior.
Includes: Interactive Modules, Videos, Video Games, Newsletters, Exams, and Surveys.
What it's for:
- Building safe habits and a security culture across the organization.
- Measuring user performance through activities that generate reports and campaign-specific indicators.
2. Simulation
Groups the social engineering attack simulation components: Phishing, Ransomware, Smishing, USB Drop, and QR Phishing.
Allows launching controlled, highly customizable campaigns aligned with the organization's real risks.
Phishing Report Button Included within this component. Integrates with Microsoft, Google, and Thunderbird mail clients. Allows reporting suspicious emails with a single click. All report actions are recorded in the audit log.
It is also possible to integrate the Microsoft report button so that users can report SMARTFENSE simulation emails directly from their mail client.
What it's for:
- Measuring real behavioral risk against malicious emails and messages.
- Training users in proactive threat reporting.
- Feeding the Risk Scoring and other key organizational indicators.
3. Multitenant
Allows managing multiple organizations from a single Management Portal, keeping data and campaigns fully segregated.
What it's for:
- Facilitating the management of corporate groups or subsidiaries from a single portal.
- Allowing a partner to manage multiple organizations with individual configurations per instance.
4. Gamification
Includes Badges, Experience Points (XP), Levels, Rankings, and Avatars. These elements integrate with awareness and simulation campaigns to encourage participation.
What it's for:
- Motivating users to actively participate in campaigns.
- Highlighting achievements and progress through Badges and XP.
- Creating healthy competition among users, areas, or groups, reinforcing safe behaviors over time.
5. Integrations
Connects SMARTFENSE with the organization's technology ecosystem. Allows synchronizing users, enabling centralized authentication, sending notifications, logging audits in other systems, and linking awareness with compliance and learning platforms.
User and directory synchronization
- Microsoft Entra ID: user and group synchronization, SSO via SAML, Microsoft Teams integration for notifications.
- Google Workspace: user and group synchronization, SSO integrated with the platform.
- LDAP: user and group synchronization from compatible corporate directories.
Authentication (Single Sign-On)
SMARTFENSE supports SSO with the following identity providers:
- Microsoft Entra ID
- Google Workspace
- Auth0
- Okta
- Keycloak
- SAML 2.0
Other integrations
- Slack: sending notifications and messages related to campaigns.
- Vanta: automatic sending of awareness records for audits and compliance controls.
- LMS (Moodle, SAP SuccessFactors, Cornerstone, and others): integration with existing e-learning platforms.
6. User and Group Management
Centralizes user administration and the organizational structure within the instance. Includes Functional Areas, Hierarchical Levels, Groups, and Smart Groups.
What it's for:
- Reflecting the real structure of the organization (by area, department, hierarchical level, country, etc.).
- Synchronizing users and groups from external directories such as Microsoft Entra ID, Google Workspace, or LDAP.
- Defining administrative roles, enabling MFA, and controlling access.
- Using Smart Groups to automate the inclusion of users in campaigns based on specific criteria.
7. Content
Includes catalogs and multi-catalogs of awareness content in different formats, languages, and regions.
What it's for:
- Offering up-to-date, contextualized content for end users.
- Providing materials designed for different countries and languages.
- Allowing each organization to create its own customized catalogs.
- Adapting content to the culture, brand, and internal policies of the organization.
8. Differentiators
Features that complement the awareness program with automation, regulatory compliance, and advanced customization.
- Nudges: brief messages triggered by risk events, sent via email, Slack, or Microsoft Teams to influence user behavior at the right moment.
- Interventions: automatic actions in response to a specific event (for example, notifying a Webhook when a user enters data in a phishing simulation).
- Regulatory compliance management: allows demonstrating the level of compliance with regulations such as GDPR, ISO/IEC 27001, and the NIS 2 directive. SMARTFENSE content is mapped to specific clauses of each regulation.
💡 Best practices
- Combine Simulation with Awareness and Evaluation to close the measure–train–evaluate cycle.
- Keep groups and Smart Groups up to date to target campaigns to the right audience without manual effort.
- Use Gamification as positive reinforcement: assign Badges and XP to key actions such as reporting phishing, passing exams, or completing content.
- Integrate SMARTFENSE with your existing ecosystem (Microsoft Entra ID, Google Workspace, LDAP, Slack, Vanta, LMS) to reduce manual tasks and facilitate auditing.