[NEW FEATURE] KnowBe4 User Event API Helps You Tailor Security Awareness Training Based on Custom User Risk Events

You already know the importance of frequent year-round simulated phishing attacks and security awareness training for your users to help you build a more resilient and secure organization. You use the results from your phishing and training campaigns to tailor targeted and remedial training for those users that present a higher risk to the safety and security of your organization’s data and networks.

You also likely track, monitor, and measure your users’ security-related events or activities in many ways with third-party security assessment and monitoring tools. What if you could take your most important risk events on users from all your physical security and cybersecurity controls, import them into a single place, and use this information to augment the personal risk scores of your users and also automatically assign custom training or phishing campaigns based on these events?

Now you can with the new KnowBe4 User Event API. The new User Event API enables you to send custom security-related user events from your third-party security platforms (like Mimecast, Splunk, etc.) or any other external data source and push to your KnowBe4 Console in order to add these events to your users’ timelines.  The User Event API helps you continue to evolve and refine your security awareness program by adding these events to your users’ timelines and augmenting their personal risk scores to help you tailor specific phishing and training campaigns that ultimately enable your users to make smarter security decisions.


With the KnowBe4 Smart Groups feature, you can search the KnowBe4 console for your custom user events through the creation of Smart Groups. Setup new Smart Groups with automated workflows to trigger and deliver phishing and training campaigns based on any user events that point out user vulnerabilities and risks that you’d like to address through security awareness training. With Smart Groups, you can easily identify the user activities you want to include and set up tailored training campaigns with specific content for any users that have these activities on their timeline.  

You can add events to your users’ training and phishing timelines such as going to a risky site the firewall blocked, clicking on a phishing link that your email security system didn't catch, or when certain software is detected as being installed on a user’s computer.

Below are examples of how custom user events can be used to strengthen your security awareness training:

Third-Party Security, Monitoring, Ticketing, or Device Management Tools

  • Real Phishing Incidents

  • Password Lockouts

  • Copy/Paste from external devices

  • Excessive attempts to visit website that are blocked

Physical Security
  • Tailgating

  • Unlocked Computer 

  • Unusual hours in and out of the office

  • Lost/Stolen Equipment

Social Engineering

  • Innocuous events based on employee information, such as birthdays, out of office events, or current events
 for custom phishing, pretexting

Other Corporate Training or Professional Development

  • HR, Compliance or other training events from another LMS

  • Professional certification (I.e. InfoSec and Privacy credentials)

The API supports submission of events individually or in batches, with unlimited types of user events you can bring into the Console. The new API is available to KnowBe4 customers with a platinum or diamond level subscription.

For more details visit the KnowBe4 Support Knowledgebase:

Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews