Run your entire human-risk program from one control plane
Cybears X Awareness unifies phishing simulation, awareness training, compliance, skills development, and gamification. The same training event satisfies a compliance control, advances a skill, and produces audit evidence — one signal, five surfaces.
Built to satisfy the frameworks you report against
Five functions other vendors sell separately
Phishing, training, compliance, skills, and gamification in one control plane — with a unified analytics layer underneath. No integrations to maintain, no evidence to reconcile by hand.
Phishing Simulation
Run multi-channel email, SMS, and voice campaigns with templated senders, landing pages, and A/B variants. Per-target tokenized links, masked credential capture, and a report-it workflow feed a per-user phish-prone index.
Awareness Training
Course → module → lesson → quiz, with sequential unlock and deadline enforcement. Assign by role, department, or risk level; failed simulations auto-assign a targeted remediation nudge.
Compliance Management
Map awareness courses to controls across ISO 27001, NIST CSF, HIPAA, NIS2, CIS v8, and SOC 2. Employee completions roll up coverage automatically, so reporting is continuous instead of episodic.
Skills Development
A skills taxonomy mapped to courses and quizzes. Each completion bumps a per-employee proficiency score from 0 to 100, surfaced as an admin coverage heatmap and a per-employee drill-down.
Gamification
Badges with eight criterion types — including streak and identity-targeted rules — plus bronze-to-platinum achievements, daily learning streaks, and a single XP currency mirrored across every surface.
Targeting & Segments
Build rule-based audience segments and suppression lists for VIPs and executives. Fully aware of your org hierarchy — company, department, grade, and team.
Notifications & Reminders
Course assignments, deadline reminders, quiz results, and streak nudges delivered in-app and by email — localized in English, French, and Arabic, with real-time WebSocket updates.
Deployment & Identity
Sync Active Directory or LDAP, or import a CSV, and go live in minutes. Cloud-native with a documented REST API and SSO — no hardware, no agents.
From zero to security-ready
in three steps
No lengthy onboarding. No professional services fees. Most teams are running their first campaign within the same week.
Setup & Import
Connect your Active Directory (LDAP/AD) or import employees via CSV. Define departments, grades, and risk segments. Your organizational hierarchy is ready in minutes — no IT effort required.
- Active Directory / LDAP sync
- CSV bulk import
- Role & department mapping
- Custom segments & suppression lists
Simulate & Train
Launch phishing campaigns across email, SMS, and voice. Anyone who clicks is auto-assigned a targeted remediation nudge; everyone else is assigned awareness courses by role and risk, with sequential unlock and deadline enforcement.
- Multi-channel campaigns
- A/B variant testing
- Auto-remediation after failure
- Sequential lesson unlocking
Measure & Report
Every completion does five jobs at once: it satisfies a compliance control, advances a skill score, awards a badge, ticks the streak, and updates risk posture. Coverage rolls up automatically into audit-ready exports — no spreadsheet reconciliation.
- Live risk dashboards
- Per-user phish-prone index
- Continuous compliance coverage
- Audit-ready PDF & XLSX exports
Compliance that reports itself
Cybears X Awareness maps each awareness course to the controls of your active frameworks. Employee completions drive coverage automatically, so reporting becomes continuous instead of episodic — the same training activity that lifts your posture produces audit evidence in real time. Absorb a new regulation by adding a framework definition and its mappings; no new tooling.
One-click evidence export
Export a coverage package — completions per control, per department, per framework — as audit-ready PDF or XLSX. Phishing results sit alongside as the program's effectiveness metric, not as control evidence.
Simple, transparent pricing
Pricing scales with your headcount and the channels you run. Every plan is quoted to your environment — no per-module costs, no surprises.
Starter
For small teams getting started
- Up to 100 employees
- Email phishing simulations
- Awareness training (courses & quizzes)
- Badges, streaks & XP
- ISO 27001 compliance mapping
- Self-view skill proficiency
- CSV import
- Email support
Professional
For growing organizations
- Up to 1,000 employees
- Email + SMS phishing, A/B variants
- Full awareness LMS with media
- Skills development & coverage heatmap
- Full gamification (badges, achievements, streaks)
- All compliance frameworks, live coverage
- Advanced analytics & risk scoring
- Active Directory / LDAP integration
- Priority support
Enterprise
For large enterprises & MSSPs
- Unlimited employees
- Email + SMS + voice phishing
- Custom templates & landing pages
- White-labeling available
- On-premise deployment option
- Full REST API access
- SSO / SAML integration
- Custom compliance frameworks & skills
- Dedicated Customer Success Manager
- SLA guarantee
Annual contracts · Volume pricing · Multi-tenant cloud or on-premise deployment
Questions we get all the time
Still not answered? Reach out — we respond within one business day.
Those tools each solve one piece — phishing, behavioral training, or compliance. Cybears X Awareness unifies five: phishing simulation, awareness training, compliance management, skills development, and gamification. The payoff is structural: one training event simultaneously satisfies a compliance control, advances a skill score, awards a badge, and ticks a streak. One signal, five surfaces — instead of five vendors to integrate and reconcile.
No — and that's deliberate. Across ISO 27001, NIST CSF, SOC 2, HIPAA, NIS2, and CIS v8, no major framework treats a phishing simulation as standalone control evidence. The awareness program satisfies the control; phishing posture is the effectiveness metric of that program. So in Cybears X Awareness, completed awareness courses map to controls and drive coverage, while phishing results feed risk scoring, remediation, and dashboards alongside the evidence.
Yes. The platform integrates with Active Directory and any LDAP-compatible directory. Users are auto-synced and can authenticate through AD credentials. You can also import employees via CSV for organizations without a directory server.
Most organizations run their first phishing campaign within the same week of connecting a directory. There is no hardware to install and no professional-services engagement required — sync AD/LDAP or import a CSV, define your segments, and launch.
Every tenant is isolated in PostgreSQL with row-level security policies enforcing company boundaries. Submitted credentials from phishing tests are masked and held with a configurable TTL — never stored in plain text. Sensitive configuration (SMTP credentials, DKIM keys, provider tokens) is encrypted at rest, and audit logs are append-only.
Yes. The platform ships with a template editor for email, SMS, and voice, plus a landing-page builder for credential-capture pages. Create templates from scratch or clone and modify existing ones, organize them by difficulty, and run A/B variants per campaign.
When an employee clicks a link, submits credentials, or otherwise interacts with a simulated message, they are automatically assigned a remediation nudge — a short, targeted micro-lesson matched to the attack type. Admins can configure escalation notifications and track remediation completion.
Yes. Cybears X Awareness exposes a REST API documented with OpenAPI. Push campaign results, risk scores, and compliance coverage to your SIEM, ticketing system, or custom dashboard. Enterprise customers get dedicated API support.
Request your free demo
See Cybears X Awareness in action with a live walkthrough tailored to your org size and the frameworks you report against. No sales pressure — just a real demo of the platform.