Webroot enhances Security Awareness training offerings

While Webroot has updated their course content and made it easier for MSPs to construct phishing lure pages, the major attraction here is likely a new Client Breach Report that the MSP can use as a pre-sales tool.

MSP-focused cybersecurity vendor Webroot has announced a series of enhancements to the Security Awareness training they have made available for MSPs to offer their customers for a little over a year.

“The principal new thing here is the new Client Breach Reports,” said George Anderson, Director of Product Marketing at Webroot. “These are not new in the industry, but they are new for us. In addition, we have upgraded our training campaigns to make them more MSP ready, and to accommodate the fact that MSPs are not trained instructors. We have also updated course content, including a new phishing lure page framework. And we have integrated the Webroot Global Site Manager console, to provide for easier management of training activities.”

Webroot has offered security awareness training since December 2017, after their acquisition of Portland-based SecureCast and a subsequent beta.

“In addition to anti-phishing training, SecureCast also offered proper security awareness training and also compliance training,” Anderson said. “We bought them because they had a learning management system, and we wanted to go into that.”

Webroot’s Security Training, like their Business Endpoint Protection and DNS solutions, uses the continuous threat intelligence analysis and contextual data provided by the Webroot platform. That intelligence is central to the new Client Breach Report, a new risk assessment tool that lets MSPs create a report that outlines breaches associated with any client or domain, organized by user and breach. It includes a summary of the breach, a list of breached data by category, and impacted users.

“This is something that we didn’t have before,” Anderson said. “What we are rolling out here is the first stage, which is a fairly simple thing around the verification of the domain. We will add more features and functionality around it as we move forward.”

The Client Breach report, even in its present limited form, is an ideal pre-sales tool for the MSP.

“It shows where the clients are vulnerable, and indicates where security awareness training can be useful,” Anderson said. It also lets the MSP advise them on tactics to avoid future security incidents.

Another enhancement is the ability of customers to launch training campaigns across multiple client sites in a single workflow in a way that creates a global snapshot of users’ progress in one view across all clients or by site.

“Most training is not designed to be MSP-ready,” Anderson said. “Because Webroot is completely focused on the MSP market, what we have done here is enabled an MSP to give global level training, where things are arranged in a hierarchical way, but with the ability to drill down to a specific client. Nobody has approached training from that perspective before. We do it because we are MSP-focused.”

The integration of the Webroot Global Site Manager provides single-pane-of-glass management to facilitate this.

“At the global level, MSPs have had to go down to each individual client level, and this is a way to put the whole thing together,” Anderson said. “MSPs are IT people and not trainers, so making that as easy as possible for them is a priority.”

Webroot also announced updates to their course content, with new course themes this quarter including password and email security training, as well as real-world breach scenario simulations.

“We are looking at linking threats more and more to course content,” Anderson said. “We’ve also got an attitude with content. You don’t want reams and reams of it. You want high quality, short content – and refresh it at a good rate – so that ideally, people don’t see the same thing twice.”

Finally, Webroot has made it easier to construct phishing lure pages. Users can now copy an image of a form for a phishing lure page rather than writing HTML code. Admins simply enter a URL and the solution can display the lure page as an image. This actually mimics how hackers set up phishing pages.

“It’s now much easier to set up the lure pages, so that MSPs can create lot of them,” Anderson said. “It’s a good enhancement.” He also noted that Webroot has changed the way they construct these pages to avoid Google triggering safe browsing against them.