← All Insights
Cybersecurity
Keepnet
Six-channel attack simulation in a market where everyone else only tests email. The product is ahead of the positioning.
Six-channel attack simulation in a market where everyone else only tests email. The product is ahead of the positioning.
Security Awareness Training is a $5-6 billion market growing at double digits, and the growth is not coming from where it used to. For a decade, the buyer justified SAT purchases with compliance requirements -- check the box, run a quarterly phishing test, move on. That era is ending. AI-generated phishing has made every employee a viable target, regulatory frameworks now mandate measurable behavioral outcomes, and CISOs have accepted what the data has been saying for years: human error is the primary attack vector, not infrastructure failure.
The market is also in the middle of a definitional shift. The leading vendors no longer sell "training." They sell "Human Risk Management" -- continuous, data-driven behavioral change rather than periodic awareness campaigns. This redefinition creates a narrow window. When a category gets renamed, the companies that move fastest to own the new language tend to hold that positioning for a generation. Keepnet is entering this window with a genuinely differentiated product, but the window will not stay open long.
Three incumbents define the competitive frame, and each owns a distinct narrative.
KnowBe4 owns the platform story. With 70,000+ organizations, a $4.6B acquisition by Vista Equity, and an aggressive free-phishing-test lead generation engine, KnowBe4 has made itself synonymous with security awareness at scale. Their moat is distribution, not technology. If you search "Keepnet vs KnowBe4," you will find KnowBe4's content dominating the results -- that is the scale advantage in action.
Hoxhunt owns the engagement story. Their gamification-led approach has produced genuinely impressive outcomes -- 16x lower phishing failure rates in published case studies. For enterprise buyers who care about behavioral metrics rather than checkbox compliance, Hoxhunt has built a credible alternative to KnowBe4's volume play.
Cofense owns the detection story. Rather than competing on training, Cofense focused on what happens after a phishing email lands: post-delivery detection with 8-minute average remediation times. It is a fundamentally different value proposition -- not "train employees to spot phishing" but "catch what gets through."
Keepnet, at Seed stage with roughly 40 employees, does not have the resources to outspend any of these players. But it has something none of them have: multi-vector simulation across six attack channels -- email, SMS, voice, QR code, MFA fatigue, and callback phishing -- in a single platform. Real attackers stopped limiting themselves to email years ago. Most simulation vendors have not caught up. Additionally, Keepnet's "Direct Email Creation" architecture delivers simulated phishing directly to inboxes without IT whitelisting -- removing the single biggest deployment friction in the category and producing simulations that match real-world attack fidelity.
A- Believability. This is where Keepnet punches above its weight class. Vodafone (113K hours saved), Coca-Cola, UNICEF, Merck -- these are not logos on a landing page, they come with specific outcome claims. A Gartner rating of 4.9 and G2 rating of 4.8 reinforce the credibility. For a Seed-stage company, this proof stack is unusually strong. The ISO 42001:2023 AI certification adds a layer that most competitors have not yet pursued.
B+ Clarity. The primary headline -- "Plan, Build and Deliver Security Awareness Training -- Fully Autonomously" -- communicates the core proposition clearly enough. But the introduction of "xHRM" (Extended Human Risk Management) creates unnecessary cognitive load. Prospects already navigating a category in flux now need to decode a proprietary acronym layered on top of an industry acronym that itself is still being adopted.
B Differentiation. Keepnet's Intelligent Segmentation framework -- Risky Behaviors, At-Risk Profiles, Psychological Personas, Cultural Profiles -- is genuinely distinctive. No competitor segments at this level of behavioral granularity. But the messaging wraps this differentiation in language that has lost all meaning in cybersecurity: "Hyper-Personalization," "AI-Powered," "Next-Gen." The real differentiator gets diluted by the same adjectives that every competitor uses.
The core tension: KnowBe4 tells a platform story. Hoxhunt tells an engagement story. Cofense tells a detection story. Keepnet has the product ingredients to tell a precision story -- simulation that mirrors how real attacks actually work, across every channel, with no artificial constraints. But the current messaging tries to own too many categories at once instead of committing to the one narrative no competitor can credibly claim.
Every competitor simulates phishing. Keepnet is the only one that simulates social engineering -- the full multi-vector, multi-channel reality of how modern attacks actually unfold. That distinction is worth building an entire positioning narrative around. The framing: most SAT vendors provide "training theater" -- email-only simulations that train employees for an attack pattern that sophisticated adversaries abandoned years ago. Keepnet provides reality. No whitelisting means real inbox delivery. Six channels mean real attack surface coverage. This is not a feature comparison. It is a philosophical claim about what security preparation should look like, and it is a claim that KnowBe4, Hoxhunt, and Cofense cannot credibly make without rebuilding their products from the ground up.
The capability exists. The demo does not exploit it. Imagine a live sales demo where a prospect's phone receives a simulated SMS, then a voice call, then an email -- all within sixty seconds, all part of a coordinated simulated attack scenario. No slide deck achieves what that experience would. It is visceral, it is memorable, and no competitor can replicate it in the room. The technical infrastructure for this already exists inside the product. The gap is in the go-to-market -- turning a product capability into a sales weapon that every AE deploys in every first meeting. This is the kind of demo that gets talked about internally at the prospect's company long after the call ends.
A third opportunity involves structuring a good-better-best packaging model that signals enterprise maturity to procurement teams. But designing that properly requires understanding Keepnet's current deal structure and channel dynamics. A fourth centers on transforming the Vodafone and UNICEF deployments into deeply documented proof narratives -- the kind with before/after metrics, named stakeholders, and specific operational context that turn logos into evidence. Both warrant dedicated analysis.
ProductBeacon monitors product leadership signals across European tech companies. Keepnet appeared on our radar because multiple product-adjacent roles had been open simultaneously, suggesting the platform is scaling faster than the product organisation around it. This analysis was created without any contact with the company, using only publicly available information (website, LinkedIn, press releases, job postings, and industry databases).
Analyst: Yohay Etsion, Managing Director, ProductBeacon. 17 years leading product organizations at NICE and Cognyte.
We help Seed and Series A companies close the gap between what the product can do and what the market hears. When the technology is ahead of the positioning, revenue gets left on the table.
Request a Diagnostic