Skip to main content
Skip table of contents

General technical conditions

Read this article in: English, Deutsch, Dutch, French

Here you find the General Technical Conditions for using our products.

Current version: September 6, 2024

1 General technical conditions for using our products

This document describes the general technical conditions for the use of our products. Please refer to your Feature Matrix to find out whether a product is included in your scope of services.

The General Technical Conditions for using our products are subject to change. SoSafe reserves the right to update the General Technical Conditions without notice. Please make sure you check the latest version at https://link.sosafe-awareness.com/general-technical_conditions-en.

2 Browsers supported

The following browsers are supported and their use is therefore a prerequisite for the provision of services: Google Chrome, Mozilla Firefox, Apple Safari, and Microsoft Edge.

Since April 2023 we do not support Microsoft Internet Explorer 11 for the Manager and E-Learning. For Phishing Report Button, please refer below to 3.2.2: Web browsers supported.

3 Service modules

The following sections describe the services offered by SoSafe and define the processes and organizational interfaces required for service provision.

When implementing these service modules, the customer is generally obliged to cooperate in order to ensure the provision of services by SoSafe.

3.1 Phishing simulation

The phishing simulation service module comprises the sending of a defined number of (pre-arranged) emails to users over the service period. These emails simulate real phishing emails to increase the users' awareness of cyber security risks caused by phishing attacks. When a user clicks on a phishing element (image, link, etc.) in one of the simulated phishing e-mails or is forwarded to a landing page (such as the login page), a web page is called up (hereinafter referred to as the "learning page"), which informs the user about the simulation and provides concrete information on how the respective e-mail could have been identified as a phishing attempt.

3.1.1 Phishing Simulation Options

  • For the Basic phishing simulation, customers can set up a straightforward baseline simulation, sending phishing emails to all users within their organization. End users will receive phishing emails randomly throughout the simulation time frame which will be defined by the Customer.

  • Spear phishing simulation: All emails are individualized for the respective recipient using Standard phishing placeholders (such as "Dear Mr. Miller, ...") and in some cases also include details such as the name or location of the Customer.

  • Customized spear-phishing simulation: If booked, customers can send an additional 3 simulated phishing emails, which we create together with you specifically for your organization (such as a simulation of CEO fraud). The individually created phishing emails are provided in English and German.

  • On top of the Basic simulation, you can add targeted or behavior-based phishing:

    • Targeted phishing offers a simple setup where customers can send contextually relevant templates to specific user groups such as finance, IT or HR. To make this possible, specific user groups that reflect these focus groups are needed.

    • Behavior-based phishing: The phishing simulation will be tailored at the relevant difficulty level, and the right cadence for each individual user to enhance both engagement and learning effectiveness. For example, if an end user has a low phishing threat awareness they will receive simulated phishing email at the 'easy' difficulty level. If a user has a high threat awareness they will receive simulated phishing emails at the 'hard' difficulty level. We recommend this approach as the most effective way to reduce risk for your organization.
      To make the capabilities work, you must set up a running Entra ID connection and activate personalized tracking.

3.1.2 Whitelisting

To ensure that all simulated phishing emails are delivered to all users to be trained in the training, the customer is required to set up a whitelisting. This is a duty of cooperation on the part of the customer, without which SoSafe cannot guarantee the provision of services. At this point, the customer shall therefore be responsible for ensuring that the simulated phishing emails actually arrive in their complete form in the users' mailboxes and can be used within the scope of the training measure. If the customer cannot influence the whitelisting itself (such as because the customer has commissioned an IT service provider to manage its IT systems), the customer must ensure that the whitelisting is nevertheless carried out.

The following steps must be taken for whitelisting:

  • SoSafe's email servers must be whitelisted in the receiving email system to prevent the rejection of incoming emails.

  • Any existing filter systems (such as secure mail gateway) must be configured in such a way that the simulated phishing mails are not marked as "junk" or "spam" and delivery to the users can be guaranteed.

  • Any existing systems provided by the customer to protect access to the Internet from the user's end devices (such as web gateways, proxies, security settings of the operating system) must be configured in such a way that the undistorted display of the simulated phishing emails in the user's email programs is guaranteed. Furthermore, these systems are to be configured so that the learning pages can be displayed via a web browser.

  • Additionally, customers might also whitelist the following:

    • envelope sender addresses

    • list of used domains

    • image server

SoSafe provides instructions for the implementation of these steps for selected tools. The instructions also contain all necessary technical information such as IP addresses and server names of the email servers, URLs to be released for filter systems, and systems for access protection. Please note that third-party support is needed for some third-party services.

3.2 Phishing Report Button

The Phishing Report Button service module is a functionality that allows users to report emails that are considered to be a potential phishing attack. The report is sent to an email address defined by the customer in the form of a forwarding of the suspicious email. Simulated phishing emails from SoSafe are not forwarded, but instead reported to SoSafe. The customer must specify an email address where the forwarding is to take place.

The functionality is provided in the form of a Microsoft Office add-in. In order for the Outlook add-in to load and function properly, different requirements must be met on the server and client side. The Phishing Report Button can also be used with Google Workspace with some limitations.

3.2.1 Client requirements

  • The client must be one of the supported applications for Outlook add-ins. The following clients support add-ins:

    • Outlook 2013 or higher on Windows

    • Outlook 2016 or higher on Mac

    • Outlook for iOS

    • Outlook for Android

    • Outlook on the Web for Exchange 2016 or higher and Office 365

    • http://outlook.com

  • The client must be connected directly to an Exchange server or to Office 365. When configuring the client, the user must select Exchange, Office 365, or http://outlook.com as the account type. If a POP3 or IMAP connection is configured for the client, add-ins are not loaded.

  • Alternatively: Google Workspace

3.2.2 Web browsers supported

  • Microsoft Edge v1

  • Microsoft Edge v2

  • Chrome

  • Safari

  • Firefox

  • Internet Explorer 11

    • As of 06/15/2022, Internet Explorer 11 (IE11) has reached its end-of-life cycle. This change primarily affects users on MS Outlook versions 2013 and 2016. From 11/16/2023, customers using IE11 will no longer receive new feature updates on the Phishing Report Button, although critical bug fixes will continue to be addressed. Customers using modern versions of Outlook will benefit from accelerated updates and new features. We advise customers still using IE11 to transition to supported browsers for optimal experience and support.

3.2.3 Outlook requires a certain browser engine to run add-ins

The browser used by Outlook (internally) is determined by the system configuration. Certain Outlook versions with certain system configurations require specific browsers to be installed and enabled. For a detailed explanation and a compatibility table, please contact us.

3.2.4 Email server requirements

If the user is connected to Google Workspace, Office 365 or http://outlook.com, this already meets all the requirements for the email server. However, for users connected to an on-premises Exchange Server installation, the following requirements apply:

A successful installation as well as a smooth roll-out of the add-in can only be guaranteed if the customer uses the standard settings of the respective program and has no third-party application in operation that affects the functionality of the add-in. Individual support by SoSafe during the setup of the add-in in a non-standard infrastructure is explicitly excluded. As an optional service, resources with appropriate expertise can be arranged. This requires a separate and explicit agreement between the parties involved.

3.2.5 Client / Server API Compatibility

The Outlook add-in makes use of Exchange Web Services (EWS) or the Outlook REST API in order to retrieve data from the user’s Outlook mailbox. The following sections state the availability of EWS, REST and Graph API for all supported Exchange Server/Outlook Client combinations and their effect on forwarding.

Exchange On-Premise

For all Exchange On-Premise servers (no hybrid deployment) we can only support EWS.

Exchange Online / hybrid server deployments

For Exchange Online and hybrid deployments of Exchange servers we support the following EWS, REST, and Graph API availability for the respective client/server combinations:

  • REST: REST API only

  • EWS: EWS only

  • Graph: Graph API only

  • All: EWS + REST API + Graph API

Windows

Windows

Windows Outlook clients

MS 3651

Outlook 2021

Outlook 2019

Outlook 2016

Outlook 2013

 

 

Server

Exchange Online

All

All

All - Graph MSAL PopUp

EWS

EWS

Exchange 20192

All

All

All - Graph MSAL PopUp

EWS

EWS

Exchange 20162

EWS/REST

EWS/REST

EWS/REST

EWS

EWS

Exchange On-Premise

EWS

EWS

EWS

EWS

EWS

macOS

macOS

 

macOS Outlook clients

Office on Mac (classic UI)

Office on Mac (new UI)

 

 Server

Exchange Online

All

All

Exchange 20192

All

All

Exchange 20162

EWS/REST

EWS/REST

Exchange On-Premise

EWS

EWS

Other

 Other

Outlook clients

Android App

iOS App

Web Browser (Exchange Online)

Web Browser (On-Premise)

Mobile Browser

 

Server

Exchange Online

Graph/REST

Graph/REST

All

EWS/REST

not supported

Exchange 20192

Graph/REST

Graph/REST

All

EWS/REST

not supported

Exchange 20162

REST

REST

EWS/REST

EWS/REST

not supported

Exchange On-Premise

not supported

not supported

n/a

EWS/REST

not supported

 

1 Microsoft Office 365 subscription
2 connected to Exchange Online (hybrid deployment)
Graph MSAL pop-up: Every time a user opens the Phishing Report Button, the user will see a flash of a MSAL pop-up for logging in the user via Graph

Differences in forwarding via EWS and REST/Graph API

Forwarding can be done in “.eml” or “split” mode, each of which differ in the following ways. Depending on the available API and the configured forwarding mode, the following files are forwarded to the customer’s email addresses:

 

via REST/Graph

via EWS

.eml mode

  • mail.eml

  • mail.eml

    • for emails greater than 500 kB the add-in automatically switches to split mode

Split mode

  • body.html

  • headers.txt

  • All attachments as the original files 3

  • body.html

  • headers.txt

  • attachments.txt 3

    • contains information about the attachment’s name, size, type, IsInline

3 If the email contains attachments

3.2.6 Phishing Feedback

Phishing Feedback is an automated reporter feedback mechanism for emails reported using our Phishing Report Button (PRB). The feature automatically shares the analysis result of a reported email with the user who reported it. In its current form, the feature does not provide automated analysis capabilities.

The feature can be used with or without integration into a ticketing system.

Phishing Feedback can be integrated with Jira Service Management and ServiceNow. SoSafe will deliver implementation steps for these.

Disclaimer: The Customer’s internal team is responsible for classifying the email reports via the Phishing Report Button (PRB). The results of these evaluations, as provided by the Customer, shall be incorporated by SoSafe into the feedback emails sent to the end user (the reporter). SoSafe does not guarantee the completeness or accuracy of the Customer’s analysis results. Therefore, the Customer acknowledges and agrees that SoSafe is not liable for the completeness or correctness of the analysis results incorporated by SoSafe in the end user’s feedback email, nor for any potential damage that may arise from it.

3.3 PhishAssist/ Reporting Nudges

PhishAssist is a feature of the Phishing Report Button, designed to assist users in the identification of potential malicious emails. Its primary objective is to educate users on critical factors to evaluate while assessing emails for potential threats.

3.3.1 PhishAssist's Assessment Criteria

PhishAssist employs an assessment based on five key factors to establish the potential risk of an email:

  • Email authentication: Checks are conducted on SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance) to authenticate the email source. Please note that this risk factor, while essential to our evaluation, is not explicitly displayed to users within the user interface.

  • Sender information: Both the sender's domain and name undergo an examination to confirm legitimacy.

  • Email attachments: PhishAssist scrutinizes the types of attachments included in the email, providing feedback if types commonly associated with security risks are detected.

  • Embedded links: All embedded links are analyzed for characteristics typically indicative of phishing attempts.

  • Email content: The email content is reviewed for terms often employed within phishing communications.

The current implementation of PhishAssist operates entirely within the user’s email client. This ensures no email data is transmitted externally, aligning PhishAssist with GDPR (General Data Protection Regulation) requirements implicitly.

3.3.2 Clarification on PhishAssist's Functionality

PhishAssist is a tool designed primarily to enhance user awareness and vigilance in identifying potential email threats. It is essential to understand that PhishAssist does not and will not definitively categorize an email as either entirely safe or a confirmed phishing attempt. Instead, it aims to guide users in identifying the tell-tale signs often associated with malicious emails.

In the assessment process, PhishAssist scrutinizes links within the email, specifically their attributes, not by opening or following them. This approach helps identify characteristics typically associated with phishing attempts.

Similarly, the evaluation of email attachments is based solely on the file type. The contents of these attachments are not opened or analyzed within a Sandbox environment to determine potential maliciousness.

3.3.3 Client / Server API Compatibility of PhishAssist

Operating system

Office version

Edge WebView2 (Chromium-based) installed?

PhishAssist

Android

Any

Not applicable

Yes

Any

Office web

Not applicable

Yes, if not opened in IE11

iOS

Any

Not applicable

Yes, if not opened in IE11

Mac

Any

Not applicable

Yes

Windows 7, 8.1, 10, 11

Non-subscription Office 2013 to Office 2019

Does not matter

Not supported

Windows 10, 11

Non-subscription Office 2021 or later

Yes

Yes

Windows 7

Microsoft 365

Does not matter

Not supported

Windows 8.1, Windows 10 ver. < 1903

Microsoft 365

No

Not supported

Windows 10 ver. >= 1903, Windows 11

Microsoft 365 ver. < 16.0.11629

Does not matter

Not supported

Windows 10 ver. >= 1903, Windows 11

Microsoft 365 ver. >= 16.0.11629 and < 16.0.13530.20424

Does not matter

Yes

Windows 10 ver. >= 1903, Windows 11

Microsoft 365 ver. >= 16.0.13530.20424

No

Yes

Windows 8.1, 10, 11

Microsoft 365 ver. >= 16.0.13530.20424

Yes

Yes

 

Note: This table includes information on the compatibility of PhishAssist with different operating systems, Office version, and whether Edge WebView2 (Chromium-based) is installed. The entries "Not applicable" and "Does not matter" indicate that a particular criterion is not relevant to a specific combination of operating system and Office version.

3.3.4 Exclusion of Liability

SoSafe expressly disclaims any liability arising from incidents where the assessment data generated by PhishAssist is used as the sole basis for email security decisions, and a subsequent cybersecurity event occurs. The intent of PhishAssist is to serve as an educational tool to augment user awareness and discernment, rather than providing absolute assurance of email safety.

3.4 E-Learning

The e-learning service module comprises the possibility for all authorized users of a customer to access the agreed number of learning modules within the scope of service provision. The learning modules impart knowledge in the field of cyber security and cover a wide range of sub-topics. The booked learning modules can be accessed via SoSafe's own learning platform or integrated into a customer's existing learning management system (LMS) via SCORM streaming. The learning modules are divided into learning videos and interactive learning modules.

The learning videos can be used with or without acoustic output (this can be controlled locally via the user's operating system or browser). All language versions (see section "Multilingual Package") of the learning videos have an audio track and subtitles. For an ideal learning experience, we recommend doing the modules in fullscreen mode. Some modules are not optimized for viewing on mobile devices.

3.4.1 Access via learning platform

The proprietary learning platform of SoSafe is available at https://elearning.sosafe.de. Users can register with their professional email addresses. Alternatively, an anonymous access code can be used.

  • Core personalization: Core personalization of user paths determined by factors such as goal setting, duration, completion milestones, language preferences, selected lessons, and insights from the Risk Assessment Survey. Future personalization parameters will be contingent upon the chosen package. Some additional E-Learning features are currently not compatible with core personalization (Policy Management, Custom Modules, Manager Escalation).

  • For e-learning, the agreed upon number of learning modules and learning videos can be activated for all users of the customer from the available interactive learning modules on cyber security. A reminder function reminds users who have not yet registered or have not yet completed individual modules of a registration/finalization via email.

  • When using the SoSafe learning platform, users receive a certificate for all learning modules passed.

  • Gamification: On the SoSafe learning platform, users pass levels, collect badges, and can view their progress in a personal success overview.

  • Content Management:

    • Customization Engine - Through the use of content placeholders, content on the learning platform can be customized to meet the needs and regulations of your company.

    • Policy Management - Upload policies, present them to your employees, and track their acceptance with downloadable reports.

    • Custom Modules/ Bring your own content - Upload and play your SCORM 1.2 cyber security content on our learning platform. Technical conditions are:

      • Select authoring tools are compatible

      • Upload limits: 150MB for modules, 10MB for pictures

      • Quiz needs to be passed with >75%

      • Limited module categorization and language bundling

      • We support static SCORM1.2 modules

  • Manager Escalation - Schedule email updates for people managers and keep them informed of their team's e-learning progress.

  • To register on the SoSafe learning platform, it is also possible to use Single Sign-On via Microsoft Entra ID, Google, or Okta. To enable the learning platform to authenticate itself against the identity provider, an identity provider in the cloud is required (hybrid setup possible). The protocol used is OAuth 2.0 or SAML 2.0, which is ideally suited for use in web apps. Only a one-time authorization of our web app by the customer’s administrator is required. The technical requirements for Single Sign-On can be viewed at http://support.sosafe.de.

3.4.2 Access via customer LMS

The learning modules are provided in the standard SCORM 1.2 as container files. These container files can be integrated into the LMS. The content of the learning modules is then provided by a streaming server of SoSafe at the time of access. For this purpose, access to the streaming server at lms.sosafe.de must be guaranteed. For older installations, access to lms0.sosafe.de might be needed.

Individual support by SoSafe for the setup of the learning modules in a third LMS is explicitly excluded and the support of the third-party providers is referred to.

3.5 SoSafe Manager

The SoSafe Manager can be accessed by the customer at https://manager.sosafe.de and it is available in English, German and French. The SoSafe Manager is the portal for the administration of awareness measures. Within the reporting dashboard on the portal, the customer can view various key figures about the commissioned service components, such as general click rates of the simulated phishing emails, overall e-learning progress, and - depending on the service agreement - individual employees’ e-learning results. Exactly which data can be viewed and processed is regulated in a separate Data Processing Agreement. Access can be optionally secured via MFA.

  • Branding: The customer's logo is displayed at the top of the learning pages associated with the phishing simulation, as well as on the SoSafe learning platform. The buttons and color design elements of the learning pages and learning platform can be adapted to the customer's corporate identity. In addition, the information text on the learning pages (non-specific, independent of the email) can be created or adapted according to customer requirements. If the logo and color scheme are freely available, the setup can be done by SoSafe. Otherwise, the corresponding data will be provided by the customer. The customer guarantees for the integration that they hold the usage rights to the logo and are liable for any violation of the rights of third parties.

  • Supporting awareness material: You receive supporting digital material for your awareness campaign, such as posters, screensavers, flyers, and communication templates.

  • Multilingual package: Phishing mail templates, learning pages and learning content are available in additional languages. Up to 30 languages are currently available, an up-to-date list will be provided on request.

3.5.1 User Data Provisioning

There are two ways to transfer user data: via a user list or automatically via a SCIM connection. The customer must ensure that only e-mail addresses whose domain is owned by the customer are transferred.

  • With the User Management, customers can simply upload a user list for the phishing simulation and/or e-learning. A template (Excel file) is provided for this purpose. The transmission of the user list to SoSafe is done via a secure data connection. The customer will receive a user account for this purpose. The actual number of users available in the system shall not exceed the licensed number of users (contractually agreed upper limit)

  • The customer can update the user list via the aforementioned access to the SoSafe Manager Portal at any time on their own should there be any changes due to fluctuation, etc.

  • Automatic user provisioning: We support automatic user provisioning through either a direct integration, or integrated through a SCIM connection. Direct integrations are supported for Google Workspace. Integrations through SCIM connections are supported for Microsoft Entra and Okta. We are currently working on supporting Jumpcloud and SAP Success Factors.

    • The SCIM connection to the SoSafe Manager only supports data transfers from the Microsoft Entra ID, On-premise Active Directories are not supported.

    • All integrations only support the connection of one source tenant. All user data to be transferred must be managed by the Customer in one tenant. The connection to multiple tenants is not supported.

    • If a SCIM connection to the SoSafe Manager is established, the user administration is carried out exclusively via the source tool on the customer side; it is not possible to additionally import users into the SoSafe database via Excel or CSV imports.

    • No nested groups supported

    • Each person can only be in exactly one user group at a time

    • The technical requirements for SCIM connections can be viewed at http://support.sosafe.de.

3.5.2 Analytics

An Analytics and reporting dashboard that features key behavioral metrics, including phishing and e-elearning performance.

  • User feedback: You can view user feedback.

  • The evaluation contains benchmarks on all key figures compared to the customer average.

  • ISO 27001 reporting: The data is evaluated in an ISO 27001 –audit-compliant manner.

  • Expert evaluation: In addition to the provisions regarding the user list, the list can be supplemented with additional classifications. For example, these can be user groups based on the customer's organizational units or locations. The evaluations on the reporting dashboard are then differentiated according to this classification. When the customer defines the classification, the agreed provisions of the Data Processing Agreement must always be observed; for example, the minimum size of a user group must not be less than 5 persons for data protection reasons.

  • Expert benchmarking: The evaluation contains additional benchmarks, such as on the customer's industry and company size. This can be requested by the respective Customer Success Manager.

  • Data export: You can download evaluation data as an Excel or CSV file.

  • Analytics Integrations: We offer the capabilities to automatically export your files to OneDrive which you can then import to any internal tooling supporting OneDrive files. We are working on adding more capabilities, such as Power BI.
    Disclaimer: The Customer’s internal team is solely responsible for using SoSafe with an automation built on top of the Analytics integration. The Customer acknowledges and agrees that SoSafe is not liable for such automation, nor for the completeness or correctness of the analytics data contained in the file during the term of the agreement, nor for any potential damage that may arise from it.

3.5.3 Multitenancy

Our “Multitenancy package” offers the ability to utilize multiple application instances (tenants) per one customer account. Each tenant’s data is isolated and remains invisible to other tenants. Configuration is also individualized per tenant for various platform properties, including but not limited to admin rights, user lists, placeholders, branding, phishing simulation templates, SCORM streaming, Phishing Report Button, and more.

3.6 Sofie Copilot

3.6.1 Rapid Awareness. Security professionals can send timely alerts directly through the MS Teams bot Sofie, reaching their employees 1:1 and ensuring constant awareness.

Once the Customer's administrator provides the Microsoft bot configuration through SoSafe's Manager, administrators can create drafts or schedule alerts to be sent to the selected group of users. Rapid Awareness is a convenient way to communicate important messages to your employees or share relevant news related to your cyber security practices or developments.

3.6.2 Level Zero Support.

Transform your security support with conversational AI. As a prerequisite, the Customer's administrator must deploy the Microsoft bot configuration through SoSafe's Manager. After that, administrators will be able to define, configure and train Sofie. Sofie will use this knowledge management configuration to interact with your users.

Contact your Account Executive or Customer Success Manager to learn more about Sofie.

For more detailed instructions on how to set up and manage the Microsoft Teams application, see our Installation Guide. https://support.sosafe.de/ADOC/how-to-install-the-ms-teams-app-sofie-rapid-awaren

Disclaimer: Usage for informational purposes only. By using Sofie Level Zero support, the Customer acknowledges and agrees that the Chat Bot’s responses are provided for informational purposes only and do not constitute nor substitute professional advice. Users are expected to exercise their own judgment when acting upon the Chat Bot’s advice and seek professional guidance where necessary.

4 Additional Content

4.1 Content Add-Ons

Additional content aside from cyber security lessons covering a broad range of compliance topics. List of lessons and languages available in Feature Matrix and Language & Content overview documents.

4.2 Role-Based Content

We provide specialized content tailored to various roles within a company. Check the latest language availability in our language overview. Roll-out is dependent on the customer’s user groups and currently possible without the personalization feature.
The following Role-Based Content is accessible:

  • IT professionals: The agreed number of interactive cyber security modules for IT professionals can be activated for all users.

  • Managers: The agreed number of interactive cyber security modules for managers can be activated for all users.

  • Blue-collar workers: This specific training is offered as a printable PDF kit. It contains detailed instructions to assist managers in communicating cybersecurity practices, as well as material for workers covering essential cybersecurity topics. 

  • Developers: One SoSafe video module to raise general security awareness and can be found in the “IT professionals” category. Additional detailed training and hands-on experience are offered via partners:  SecureFlag. The partner content will be played outside our platform.

5 Service Levels

SoSafe offers different kinds of services based on the booked service level. Please refer to your Feature Matrix to see which features apply to your subscription plan.

5.1 Implementation

  • Quick implementation: You will receive non-customizable implementation services based on our best practice recommendations. Additional materials to guide you through the process will be provided.

  • Full-service implementation: Your personal implementation manager supports and advises you on the advanced configuration of your awareness platform: best-practice approaches, whitelisting, recommendations for communication incl. templates, user management with data quality assurance.

    • Advanced scheduling: We are able to adapt the dispatch times individually to customer requirements, such as vacation periods and time zones.

    • Advanced Analytics: Includes the same KPIs as in the normal Analytics feature, but also allows them to be grouped according to user groups or Extended Data. Customers with Advanced Analytics can use the Extended Data fields in their user addresses. Extended data can be additional regions or departments that customers would like to filter and see in the Analytics. The Extended Data in Analytics is only visible if personalized analytics have been agreed upon before starting awareness measures.

5.2 Support

Support times are subject to the general response times listed in our SLA. Within these agreements priority is defined by your booked service.

  • Knowledge Base access: you will receive access to our knowledge base articles.

  • Priority support: Your support requests are treated with priority subject to our support times.

5.3 Customer Success

We offer Customer Success support either via E-Mail only or offer access to Customer Success Managers to consult on security awareness strategy and support ongoing usage of SoSafe.

6 Human Risk OS™

The most cohesive platform bringing together real-time risk detection, enhanced behavioral insights, a targeted set of interventions, all while plugged into the tools you use and trust.​ By fostering a proactive, positive security culture, the Human Risk OS™ strengthens resilience to human-related security risks and social engineering.

To make the Human Risk capabilities work you must set up a running Entra ID connection and activate personalized tracking.

It consists of three main components:

  • Human Behavior Sensors - Measure the digital activities, behaviors, and security culture of an organization. These sensors can be first-party (for example part of the SoSafe CSAT product) or third party (part of the wider customer ecosystem, such as Microsoft Entra) This creates individualized and group-level profiles of events. 

  • Human Security Index - Process human behavior sensors and additional contextual information to create a singular index that tracks cyber security performance for groups and organizations. This score allows organizations to quickly spot areas of concern, and to track progress and evolution over time as well as the impact of different types of interventions. 

  • Intervention Hub – This capability centralizes all interventions done within or outside the SoSafe platform. Given a group of end users, the Interventions Hub will suggest intervention strategies to mitigate the respective risk. These interventions can be automated (such as adjusting learning paths, a Sofie Copilot nudge, etc) or semi-automated (such as by starting a change management program). Interventions can help change specific target behaviors and positively influence the Human Security Index over time.

7 Self-Service-Awareness-Platform

  • This package is only available for customers with 5-250 users.

  • For this package, all users must be registered with the SAME email domain name. (single domain only).

  • The customer is provided with instructions (downloadable PDF) on the self-service platform https://app.sosafe.de, which explain all necessary steps, such as setting up whitelisting, in a way that is understandable for the average user.

  • All relevant information (customer master data, billing data, etc.) must be entered by the customer via the platform.

  • A template (Excel file) is provided for the transmission of the user list, the scheme of which must be followed in order to ensure a clean upload of the data to the self-service platform. This user list can be updated by the customer. The actual number of users in the system must not exceed the licensed number of users (contractually agreed upper limit).

  • A sample of the Data Processing Agreement is provided, which must be signed and uploaded by the customer.

  • Analytics: Includes access to the SoSafe Manager Portal, including the Analytics Dashboard to analyze KPIs (such as click and completion rates).

  • Interactive learning modules and learning videos in the e-learning are fixed and cannot be changed. A suitable industry package can be selected for the phishing simulation.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.