Phish Alert button fetaures
I've enabled the new features that add user disposition and comments to submissions. I think these are great additions, however this presented a few admin task problems. review of this information is not intuitive. Manual download of a json file every time is cumbersome when dealing with hundreds of emails per day. I have also not found a way to exclude files, much like we can exclude URLs from Virus total submissions. Every kb4usercomments.json is scanned which is wasting resources. having the user disposition and comments as fields instead of an attachment would solve both of these problems I feel. I admit I do not know what the roadmap and technical limits of this feature are and we appreciate them none the less, but they are not as useful as they could be at this time.
Thanks for your message regarding PAB/PhishER to the community board. Development is currently working on your suggestions and Michael Barnard. That is a great idea about having the JSON creation to be signed. I have gone through and sent a feature request directly to our Development Team for further consideration. While I can’t provide a timeline or guarantee that this feature request will be implemented, our team always appreciates this information.
In the meantime, please be sure to keep an eye out for our latest changes here: https://support.knowbe4.com/hc/en-us/articles/115009454228-Security-Awareness-Training-Platform-KMSAT-Change-Log. Please reach out to your Customer Success Manager if you have further ideas and we would be happy to relay to our Development Team.
I agree with your comments. When I first read about the PAB enhancement I was very excited and was expecting to see a full integration with PhishER! I'm hoping that what we're seeing here is like an early beta release and that we'll quickly see the kinks worked out and a smooth process flow established.
This is also about security. For instance, how do I know the json attachment was created by PAB? Can it be signed? If signed, PhishER could pull the data and add it to fields like Michael said. Then the file could be removed show it doesn't show up as an attachment in PhishER.
There's a lot of thought that needs to go into this. Is there someone we can speak with at KnowBe4 to help the development of this feature?
Please sign in to leave a comment.