The foundation of SANS Securing The Human is security awareness training. We recognize that testing employees is necessary in order to establish a baseline, determine if training is needed and to evaluate the effectiveness of training conducted. You are more likely to change human behavior when a combination of both training and testing is offered. STH.Phishing was created to accomplish just that: change human behavior through training and testing tactics, creating more secure organizations.
STH.Phishing allows you to send emails to employees within your organization in a manner that is consistent with what real criminals are doing. With our program, you will be able to determine which individuals have fallen victim to the phishing email and provide them with immediate feedback and training. You can also see and address existing vulnerabilities in order to reduce the likelihood that information will be stolen should the employee fall victim to a real phishing email in the future.