Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From knowbe4
Generates KnowBe4 security awareness reports covering phishing summary statistics, training completion rates, risk score overviews, trend analysis, organizational benchmarks, and executive dashboards. Interprets metrics and communicates posture to stakeholders.
npx claudepluginhub wyre-technology/msp-claude-plugins --plugin knowbe4How this skill is triggered — by the user, by Claude, or both
Slash command
/knowbe4:reportingThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
KnowBe4 reporting provides visibility into an organization's security awareness posture through phishing simulation metrics, training completion data, and risk scores. Effective reporting translates raw data into actionable insights for security teams, management, and compliance stakeholders. This skill covers how to retrieve, interpret, and present KnowBe4 metrics.
Manages KnowBe4 phishing simulations: creates campaigns, tracks recipient interactions (sent, opened, clicked, reported), calculates phish-prone percentages, analyzes results for security teams.
Analyzes Proofpoint People-Centric Security data including VAP reports, top clickers, user risk scoring, attack index, and threat analytics to identify high-risk users and implement targeted security controls.
Guides privacy program metrics including KPIs, leading/lagging indicators, benchmarking, executive reporting, and dashboards for compliance, risk, and effectiveness measurement.
Share bugs, ideas, or general feedback.
KnowBe4 reporting provides visibility into an organization's security awareness posture through phishing simulation metrics, training completion data, and risk scores. Effective reporting translates raw data into actionable insights for security teams, management, and compliance stakeholders. This skill covers how to retrieve, interpret, and present KnowBe4 metrics.
| Metric | Definition | Target |
|---|---|---|
| Phish-Prone Percentage (PPP) | % of users who failed phishing tests | Below 5% after 12 months |
| Training Completion Rate | % of enrolled users who completed training | Above 95% |
| Average Risk Score | Mean risk score across all active users | Below 30 |
| Reporting Rate | % of phishing tests reported via PAB | Above 70% |
| Click-to-Report Ratio | Ratio of clicks to reports | Below 0.5:1 |
| Time to First Click | Average time from delivery to first click | Increasing over time |
Phish-Prone Percentage (PPP):
PPP = (Users who failed / Users who received test) * 100
Interpretation:
- Decreasing PPP = Training is working
- Flat PPP = Need to change training approach
- Increasing PPP = New threats, new employees, or stale training
- Sudden spike = Especially effective phishing template
Training Completion Rate:
Completion Rate = (Completed enrollments / Total enrollments) * 100
Interpretation:
- Below 80% = Enforcement issue, need manager involvement
- 80-95% = Normal range, follow up on stragglers
- Above 95% = Excellent compliance
- 100% = Verify data -- may indicate auto-completion
Risk Score Trends:
Risk Trend = Current avg risk score - Previous period avg risk score
Interpretation:
- Negative trend = Improving (good)
- Flat trend = Plateau, consider changing approach
- Positive trend = Degrading, investigate cause
| Timeframe | Use Case | Audience |
|---|---|---|
| Weekly | Operational monitoring, active campaign tracking | Security team |
| Monthly | Trend analysis, department comparisons | Security manager |
| Quarterly | Executive summary, compliance reporting | Leadership, auditors |
| Annual | Year-over-year progress, program justification | Board, C-suite |
| Metric | Small (<250) | Medium (250-1000) | Large (1000+) |
|---|---|---|---|
| Initial PPP | 32.4% | 30.1% | 31.5% |
| PPP after 90 days training | 17.6% | 16.4% | 15.2% |
| PPP after 12 months | 5.4% | 4.8% | 4.5% |
| Training completion | 87% | 91% | 93% |
| PAB reporting rate | 45% | 52% | 58% |
| Field | Type | Description |
|---|---|---|
total_users | int | Total active users |
current_risk_score | float | Organization-wide average risk score |
phish_prone_percentage | float | Organization-wide PPP |
total_phishing_campaigns | int | Total phishing campaigns run |
total_training_campaigns | int | Total training campaigns run |
| Field | Type | Description |
|---|---|---|
total_campaigns | int | Number of phishing campaigns |
total_tests_sent | int | Total phishing emails delivered |
total_clicked | int | Total clicks across all campaigns |
total_reported | int | Total reports via PAB |
overall_ppp | float | Overall phish-prone percentage |
ppp_by_department | object | PPP broken down by department |
ppp_by_location | object | PPP broken down by location |
ppp_trend | array | PPP over time (monthly) |
| Field | Type | Description |
|---|---|---|
total_campaigns | int | Number of training campaigns |
total_enrollments | int | Total user enrollments |
completed | int | Number completed |
in_progress | int | Number in progress |
not_started | int | Number not started |
past_due | int | Number past due |
completion_rate | float | Overall completion percentage |
average_time_spent | int | Average seconds spent on training |
completion_by_department | object | Completion broken down by department |
| Tool | Description | Key Parameters |
|---|---|---|
knowbe4_reporting_account_summary | Get account-level summary stats | none |
knowbe4_reporting_phishing_summary | Get phishing simulation summary | start_date, end_date |
knowbe4_reporting_training_summary | Get training completion summary | campaign_id, start_date, end_date |
knowbe4_reporting_risk_overview | Get risk score overview | group_id |
knowbe4_reporting_ppp_trend | Get PPP trend over time | start_date, end_date, interval |
knowbe4_reporting_department_breakdown | Get metrics by department | metric_type |
SECURITY AWARENESS REPORT - [Month/Quarter]
============================================
KEY METRICS
- Phish-Prone Percentage: XX.X% (change from last period)
- Training Completion Rate: XX.X%
- Average Risk Score: XX.X
- PAB Reporting Rate: XX.X%
HIGHLIGHTS
- [Notable achievement or concern]
- [Notable achievement or concern]
DEPARTMENT RANKING (by PPP, best to worst)
1. [Department] - X.X%
2. [Department] - X.X%
...
RECOMMENDATIONS
1. [Action item]
2. [Action item]
DEPARTMENT SECURITY AWARENESS COMPARISON
=========================================
Department | PPP | Training | Risk Score | Trend
-------------|--------|----------|------------|------
IT | 3.2% | 98% | 15.4 | ↓
Finance | 8.1% | 95% | 28.7 | ↓
Sales | 22.4% | 82% | 52.1 | →
HR | 12.7% | 91% | 35.2 | ↓
Executive | 15.3% | 88% | 41.0 | ↑
| Code | Message | Resolution |
|---|---|---|
| 400 | Invalid date range | Use ISO 8601 format (YYYY-MM-DD) |
| 401 | Invalid API token | Verify KNOWBE4_API_KEY |
| 403 | Insufficient permissions | API token needs Reporting permissions |
| 404 | No data for period | No campaigns run during specified dates |
| 429 | Rate limit exceeded | Implement backoff (see api-patterns) |
| Issue | Cause | Resolution |
|---|---|---|
| PPP seems too low | Small sample size | Need more campaigns for statistical significance |
| Completion rate drops | New campaign started with fresh enrollments | Wait for campaign to mature |
| Risk score not updating | Calculated periodically, not real-time | Allow 24-48 hours for updates |
| Department data missing | Users lack department field | Update user profiles |
| Trend shows no data points | Date range too narrow | Expand date range |