Security Awareness Training Platform (KMSAT) Change Log

May 2018

• A new module for Gold, Platinum, and Diamond-level subscriptions was added to the ModStore:
  • 2018 Common Threats, Part 2 - Kyle's Story
• Enhancements were made to our Security Roles feature, allowing you to further limit permissions to only include specific, "targeted groups". See our How to Use Security Roles manual for more information.
• Banners will be added to new, updated, and soon-to-be-retired content in the ModStore. See here for more information on the "Retiring Soon" banner. 
• Employee number option was added to Smart Groups.
• Benchmarking data settings on the Dashboard will be saved whenever changed. The setting is at the account-level, meaning all admins on the account will see the same saved settings.
• If you're using our server-based Phish Alert Button (PAB) with Mac OSX, we recommend upgrading to the latest version of High Sierra (10.13 or newer) if you experience issues. See our PAB compatibility matrix.
• You can now remove failures from your phishing tests. All failure types can be removed from a user's timeline (on their individual profile page) or from within an individual Phishing Campaign's report.
• Changes to the Training Campaign Creation Screen were added:
  • The "Courses" dropdown has been modified to allow sorting by Published date, Duration, and Title.
    • Retired courses will also be hidden by default on this dropdown, but can be displayed if desired. 
  • The order of courses can now be changed by dragging and dropping the selected courses in the order they should be prioritized. 
• 17 new modules have been added to the ModStore from publisher ThinkHR for Diamond-level subscriptions. These courses cover a variety of topics, including (but not limited to) sexual harassment, bullying, campus security, and diversity.
  • To browse all ThinkHR courses, access the MODSTORE tab from within your console and beneath the Publisher filter, click "ThinkHR".

April 2018

• Mailserver Security Assessment (MSA) was released. This tool allows you to test your email security controls and mail server with over 30 different types of email messages. Using this tool will provide you with the knowledge you need to understand the types of emails and email attachments that can reach your end users.
  • See our product manual here: MSA Product Manual
• Modules for Diamond-level subscriptions were added to the ModStore:
  • OWASP Top 10
  • Executive Awareness and Leadership
  • Computer Security & Data Protection
  • Mobile Security Basics
  • End of the Day Security Challenge
  • PCI DSS Retail Store Experience
• A new version of Second Chance was released which adds support for Gmail and Office 365. This new version also includes:
  • A new URL report in the console which lets you see what URLs are triggering Second Chance prompts for your users.
  • The addition of URL unwinding, which decodes shortened or rewritten URLs to display the actual destination of the link that was clicked.
  • The option to specify a Web Proxy during installation.
• Vishing 2.0 was released with support for US and international numbers. There are over 200 built-in templates and 21 different language categories.
• We have modules now available in 20 additional languages in the ModStore for Gold/Platinum/Diamond subscriptions:
  • 2018 CEO Fraud
  • 2018 Ransomware
  • 2018 Safe Web Browsing
• As part of the Popcorn Series "Security Moments", the module Hacking Emotions is now available in the ModStore for Diamond subscriptions.

March 2018

• Industry benchmarking data was added to KnowBe4's Free Phishing Security Test. 
• Popcorn Training was added as a publisher in the ModStore and is available with Diamond-level subscriptions.
• A new version of PAB was released (1.1.17). See our Phish Alert Release Notes for details.
• The EEC Pro has been updated. Customers receiving the previous version of the EEC will now receive the new EEC Pro moving forward. See more here: EEC Pro Product Manual
• The "2018 Mobile Device Security" module is now available in 20 languages (Gold/Platinum/Diamond subscriptions).
• You now have the capability to use our Active Directory Integration (ADI) with Azure Active Directory Domain Services. See our ADI and Azure AD Domain Services article for more information.
• An external (non-KnowBe4) SAML vulnerability was announced and KnowBe4 promptly patched to prevent any issues with this vulnerability.
  • See more information here: Vulnerability Note VU#475445

February 2018

• An API has been released to allow you to pull user and group data from your console.  
  • See more here: API Reference Guide
• Industry benchmarking data was added to the Dashboard of your console. This allows you to compare your security awareness program's results with those in your industry or others.
  • Industry Benchmarking Data
• There has been an update to the whitelisting process for Office 365 mail environments. 
  • If you have whitelisted our mail servers by IP Address, see here.
  • If you have whitelisted our mail servers by email header, see here.

January 2018

• A video for your end users was released--it explains how to get started with their KnowBe4 training. You can include a link to this video with your training notifications if you'd like to, to help explain the training process. 
  • End User Training Video
• Phish Alert Button CSV download is now available on the KnowBe4 console Dashboard and shows the number of simulated vs. non-simulated emails reported.
• New Facebook, Office 365, and Netflix Landing Pages were added to System Landing Pages.
• Enhancements were made to all tabs that display email templates. This includes:
  • The My Templates, System Templates, and Community Templates tabs under the Phishing portion of the console
  • The My Templates and System Templates tabs under the Training portion of the console
    • Check out this quick video explaining the changes.
• AwareGO was added as a publisher in the ModStore and is available with Diamond-level subscriptions.
• The "2018 Creating Strong Passwords" module is now available in 20 additional languages (Gold/Platinum/Diamond subscriptions).
• A new version of PAB was released (1.1.16). See Phish Alert Release Notes for details.
• A reporting API for Phishing data was released and allows customers to pull Phishing data from their consoles. For more information, see the links below:
  
  • KnowBe4 API Manual
• A new category of "Security Hints & Tips" templates was added to System Phishing Templates which automatically include your organization logo. Look for the (Branded) tag on the category. 
• The MSP/Reseller Console's Dashboard page was updated to include more information, including subscription level and end date, number of active accounts, number of purchased seats, and number of active seats (paid/free/trial).

December 2017

• Security Roles feature release
• New customers with Diamond-level subscriptions will not have any training content automatically added to their accounts.
  • You can select the content suitable for your organization, from the ModStore. Learn more here.
• Second Chance feature release
  • You can enable Second Chance in your existing KnowBe4 account by updating your Account Settings.
• Additions to Training Campaign "Users" page, including the date the user was enrolled, how much time is left for each user, and if the user acknowledged any policy assigned to a training module in a particular campaign. 
• Check out this quick video explaining the changes.
• You can now see the length of available videos in the ModStore.

November 2017

• Securable.io was added to our list of publishers within the ModStore.

October 2017

• Smart Groups feature release
• Active Directory Integration (ADI) Version 1.0.11.0 released
  • This version adds support for synchronizing group membership using a user's primary group.  There is no need to upgrade functioning ADI deployments to this new version. 
• Update to Free Phishing Test version 2.0 (additional template and landing page options offered) on EU server

September 2017

• Active Directory Integration (ADI) Version 1.0.10.0 released 
  • Addresses an issue with group synchronization when using UserPrincipalName as the email address. If you are not experiencing issues with your ADI services, there is no need to upgrade your ADI version.
• Phish Alert Button (PAB) Version 1.1.11 released
  • Addresses rare scenario where the Outlook Ribbon was disappearing.  If you are experiencing this issue please see our Phish Alert Button (PAB) Release Notes. If you are not experiencing issues there's no need to update.

August 2017

• MSP/Resellers: Ability to import and export Phishing Templates, Landing Pages, and Training Notifications is now available when logging into accounts via your Reseller console.
• We've updated our training notification placeholders to be functional in manager and admin templates. The following placeholders: [[email]], [[first_name]], [[last_name]], and [[display_name]] were updated and can be used in notifications directed towards managers and admins.
• Improvements were made to the User List and Group Member List interfaces. You can now sort all columns, show/hide specific columns, and increase/decrease the number of entries per page.
• Enhancements made to the Phish Alert Button. You can now set up multiple Phish Alert Button instances for your organization, allowing greater PAB customization.

July 2017

• Automated Security Awareness Program (ASAP) feature release
• Active Directory Integration (ADI) Version 1.0.9.0 released
  • Addresses a crashing issue with the ADI service when an Active Directory has missing email address information. If you are not experiencing issues with your ADI services, there is no need to upgrade your ADI version.

June 2017

• Password-less logins feature released
• Anonymous console data feature released
• Enhancements to training campaigns and notifications
  
  • You can now notify users, user managers, and admins with a variety of notification types
  • Additional manual notifications added
  • Ability to dynamically create training notifications while in training campaign creation screen was added
  • Training Notification categories are displayed under template selection drop-down

May 2017

• Weak Password Test feature released
• Location field was added to CSV downloads

April 2017

• Reply-to is off by default on Phishing Campaign
• SSO links are now available in your Account Settings
• Ability to clone campaigns was added
• My Purchased Items will show the most current items at the top
• Added Sender's Name for Training Notification templates

March 2017

• Updates and improvements to Training Campaign Creation Screen
  • Ability to add/remove users from groups once they complete training
  • Ability to create campaigns with a "relative duration"
• An entry was removed from our Phish Link Domains. Customers who require our phish domains, please request an updated list from the Support team
• Added HTML Attachment and HTML Attachment with Link available attack vectors on Phishing Template Creation screen
• Subscription level details are now shown under your Account Settings
• CSV download improvements

February 2017

• Update to Free Phishing Test (additional template and landing page options offered) on US server
• Release of Free USB Test
• Language filter available in ModStore

January 2017

• Release of the ModStore and Diamond-level service subscription
• Release of Social Engineering Indicators (SEI) 

December 2016

• New users added to your KnowBe4 console will inherit account time zone
• Ability for users to change what language their course is in