One-Time Phishing Simulation & Security Awareness Training
A complete 30-day awareness sprint — simulate, train, measure — ending in an audit-ready report your assessors will accept. No subscription required. For Indian teams of 50–1,000.
When one run is the right call
Annual compliance evidence
SEBI CSCRF, ISO 27001 and DPDP expectations all come down to one question from the assessor: show us the training happened. The run ends in exactly that document.
A customer or auditor asked
An enterprise client or certification audit wants proof of security awareness training — get defensible evidence inside 30 days, without procuring a platform.
A baseline before you budget
Measure your real phish-prone rate first. The before/after risk score gives you the number that justifies (or right-sizes) a full programme.
Try before you subscribe
Run the whole platform once. If you upgrade within 90 days, 50% of the run is credited to your annual plan.
How the run works
Set up & baseline
Users onboarded, first simulation sent — your baseline phish-prone rate is measured before anyone is trained.
Simulate & train
Up to 5 campaigns from the full template library (including AI-generated lures), with industry-specific and cross-industry training assigned to everyone.
Measure the change
A final simulation captures the after picture: click rate, report rate and risk score, individual completion records.
Audit-ready report
Before/after risk score and complete evidence pack — signed, when we run it for you (Managed).
Every run includes
- 30 days of full platform access
- All templates, including AI-generated
- Up to 5 phishing simulation campaigns
- 1 industry-specific training assignment
- 1 cross-industry training assignment
- Audit-ready compliance report + before/after risk score
Evidence your assessor can accept
SEBI CSCRF asks regulated entities to run security awareness training and keep proof. ISO 27001 (control 6.3) and the DPDP Act’s reasonable-safeguards expectation point the same way, and enterprise customers increasingly ask their vendors for it. The run exists to produce that proof — in one month, without buying a platform.
Add the optional retest (+40%) after 60–90 days for a delta report that shows the improvement, not just the baseline.
The closing report documents
- Every simulation campaign: templates used, send dates, who clicked, who reported
- Individual training completion records for all enrolled users
- Organisation-wide phish-prone risk score — before and after
- Signed by our team on Managed runs
One run, one price. No subscription.
Per-user rates improve with team size. Configure your exact price — team size, Self-Service or Managed, optional retest — on the pricing page.
Upgrade within 90 days and half your run is credited toward any annual plan. Your sprint funds your rollout.
Optional retest after 60–90 days adds 40%. Self-Service is limited to 2 runs per organisation per 12 months.
One-time run questions
What is a one-time phishing simulation run?
A productised 30-day sprint: we set up your team on the Knowspams platform, run up to 5 phishing simulation campaigns and 2 training assignments, and close with an audit-ready report showing your before/after risk score. There is no subscription — one run, one price, for teams of 50–1,000.
Is one run enough for annual security awareness compliance?
Most Indian frameworks — SEBI CSCRF, ISO 27001 (control 6.3), the DPDP Act's reasonable-safeguards expectation and typical customer audits — ask for evidence that awareness training actually happened. One run produces that evidence for the year. Add the optional retest for a delta report, or repeat the run annually.
What audit evidence does the run produce for SEBI CSCRF or ISO 27001?
The closing report documents every simulation campaign, individual training completion records, and your organisation's before/after phish-prone risk score — the artefacts assessors ask for when they check awareness-training requirements. Managed runs include a signed report.
How much does a one-time run cost?
Self-Service is ₹85–₹110 per user (minimum order ₹15,000); Managed is ₹125–₹165 per user (minimum ₹25,000) — the per-user rate improves with team size. An optional retest after 60–90 days adds 40%. Prices exclude GST.
What happens after the run?
If you upgrade to any annual plan within 90 days, 50% of what you paid for the run is credited toward it — your sprint funds your rollout. Otherwise, keep the report and re-run whenever you need fresh evidence (Self-Service is limited to 2 runs per organisation per 12 months).