implementing-anti-phishing-training-program
Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positiv
Best use case
implementing-anti-phishing-training-program is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positiv
Teams using implementing-anti-phishing-training-program should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/implementing-anti-phishing-training-program/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How implementing-anti-phishing-training-program Compares
| Feature / Agent | implementing-anti-phishing-training-program | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positiv
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Implementing Anti-Phishing Training Program ## Overview Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positive reinforcement to build a security-conscious culture. This skill covers designing, deploying, and measuring a comprehensive phishing awareness program using platforms like KnowBe4, Proofpoint Security Awareness, and open-source alternatives. ## When to Use - When deploying or configuring implementing anti phishing training program capabilities in your environment - When establishing security controls aligned to compliance requirements - When building or improving security architecture for this domain - When conducting security assessments that require this implementation ## Prerequisites - Management buy-in and budget approval - Security awareness training platform (KnowBe4, Proofpoint SAT, Cofense) - Employee email list and organizational structure - Baseline phishing susceptibility data (from initial simulation) - Learning management system (LMS) integration capability ## Key Concepts ### Training Program Pillars 1. **Baseline Assessment**: Initial phishing simulation to measure current susceptibility 2. **Interactive Training**: Role-based modules covering phishing identification 3. **Regular Simulations**: Monthly/quarterly phishing tests with progressive difficulty 4. **Just-in-Time Learning**: Immediate training after a user fails a simulation 5. **Positive Reinforcement**: Recognition for reporting phishing correctly 6. **Metrics & Reporting**: Track improvement over time by department and role ### SANS Security Awareness Maturity Model - **Level 1**: Non-existent - No program - **Level 2**: Compliance-focused - Annual checkbox training - **Level 3**: Promoting Awareness - Engaging, regular content - **Level 4**: Long-term Sustainment - Continuous program with culture change - **Level 5**: Metrics Framework - Risk-based measurement and optimization ## Workflow ### Step 1: Establish Baseline - Run initial phishing simulation across all departments - Measure click rate, submit rate, and report rate - Identify high-risk departments and roles ### Step 2: Design Curriculum - **General awareness**: Phishing identification basics for all employees - **Role-specific**: Finance (BEC/wire fraud), IT (credential phishing), Executives (whaling) - **Progressive difficulty**: Beginner, intermediate, advanced modules - **Micro-learning**: Short (3-5 minute) frequent sessions vs. annual marathon ### Step 3: Deploy Training Platform - Configure KnowBe4/Proofpoint SAT with organizational groups - Set up automated enrollment workflows - Integrate with LMS for completion tracking - Configure reporting dashboards ### Step 4: Run Continuous Simulations - Monthly simulations with varied scenarios - Increase difficulty based on organizational performance - Include diverse attack types: links, attachments, QR codes, BEC ### Step 5: Measure and Optimize Use `scripts/process.py` to analyze training completion, simulation results, and program effectiveness over time. ## Tools & Resources - **KnowBe4**: https://www.knowbe4.com/ - **Proofpoint Security Awareness**: https://www.proofpoint.com/us/products/security-awareness-training - **Cofense PhishMe**: https://cofense.com/ - **SANS Security Awareness**: https://www.sans.org/security-awareness-training/ - **Terranova Security**: https://terranovasecurity.com/ ## Validation - 90%+ training completion rate across organization - Measurable reduction in phishing click rate over 6 months - Increase in user phishing report rate - Department-level improvement tracking
Related Skills
zig-programming
zig-programming skill
performing-red-team-phishing-with-gophish
Automate GoPhish phishing simulation campaigns using the Python gophish library. Creates email templates with tracking pixels, configures SMTP sending profiles, builds target groups from CSV, launches campaigns, and analyzes results including open rates, click rates, and credential submission statistics for security awareness assessment.
performing-phishing-simulation-with-gophish
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaign management, email template creation, landing pag
performing-adversary-in-the-middle-phishing-detection
Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy, Evilginx, and Tycoon 2FA to bypass MFA and steal session tokens.
investigating-phishing-email-incident
Investigates phishing email incidents from initial user report through header analysis, URL/attachment detonation, impacted user identification, and containment actions using SOC tools like Splunk, Microsoft Defender, and sandbox analysis platforms. Use when a reported phishing email requires full incident investigation to determine scope and impact.
implementing-zero-trust-with-hashicorp-boundary
Implement HashiCorp Boundary for identity-aware zero trust infrastructure access management with dynamic credential brokering, session recording, and Vault integration.
implementing-zero-trust-with-beyondcorp
Deploy Google BeyondCorp Enterprise zero trust access controls using Identity-Aware Proxy (IAP), context-aware access policies, device trust validation, and Access Context Manager to enforce identity and posture-based access to GCP resources and internal applications.
implementing-zero-trust-network-access
Implementing Zero Trust Network Access (ZTNA) in cloud environments by configuring identity-aware proxies, micro-segmentation, continuous verification with conditional access policies, and replacing traditional VPN-based access with BeyondCorp-style architectures across AWS, Azure, and GCP.
implementing-zero-trust-for-saas-applications
Implementing zero trust access controls for SaaS applications using CASB, SSPM, conditional access policies, OAuth app governance, and session controls to enforce identity verification, device compliance, and data protection for cloud-hosted services.
implementing-zero-trust-dns-with-nextdns
Implement NextDNS as a zero trust DNS filtering layer with encrypted resolution, threat intelligence blocking, privacy protection, and organizational policy enforcement across all endpoints.
implementing-zero-standing-privilege-with-cyberark
Deploy CyberArk Secure Cloud Access to eliminate standing privileges in hybrid and multi-cloud environments using just-in-time access with time, entitlement, and approval controls.
implementing-zero-knowledge-proof-for-authentication
Zero-Knowledge Proofs (ZKPs) allow a prover to demonstrate knowledge of a secret (such as a password or private key) without revealing the secret itself. This skill implements the Schnorr identificati