Security Awareness Training
Does Coro provide compliance awareness training?
Yes. Coro provides courses for GDPR, HIPAA, and PCI DSS. For more details, see Configuring security training course enrollment.
What are the prerequisites for the Security Awareness Training module?
To use the Security Awareness Training (SAT) module in Coro, you need to:
- Connect Microsoft 365 or Google Workspace to your Coro workspace.
- Allowlist the domains and IP addresses the SAT module uses with your email provider.
How do users complete a Security Awareness Training course?
Coro automatically enrolls protected users in Security Awareness Training courses configured by admin users through the Coro console. Those users receive an email notifying them of course enrollment with a link to start the course.
How does an existing Security Awareness Training course configuration apply to new users?
New users added to protection in Coro are automatically assigned the active Security Awareness Training courses configured in your workspace. If enabled, new users also receive the onboarding course as standard.
How do I prevent Microsoft or Google from reporting phishing simulation emails as a false positive?
Follow the instructions in Coro's allowlisting guide.
What courses does Coro offer as part of Security Awareness Training?
Coro continuously evaluates Security Awareness Training course offerings to ensure customers are provided the best options.
For the latest course details, see Training courses and simulations.
What is a phishing simulation?
A phishing simulation is a training exercise where users receive emails that mimic real phishing attempts. These simulated emails may contain elements like spoofed domains, spelling errors, and suspicious links. Coro tracks recipient interactions with these emails and tailors security awareness training accordingly.
Why won't my Security Awareness Training course videos load?
Security Awareness Training course videos are embedded via Vimeo. There are a few addresses you may need to allow through your network if you are facing video display problems:
https://player.vimeo.com/video/
Why is my email application blocking images within simulation emails from loading?
Some email applications block images by default and ask the recipient if they'd like to load the images in the email.
Depending on your application, you can add the sender address to a safe-senders list to allow images from those senders to load automatically.
To allow images in Outlook, use the following Microsoft guide:
Block or unblock automatic picture downloads in email messages - Microsoft Support
You can also allow images through a Group Policy, as shown in the following Microsoft Guide:
To allow downloading images in Gmail, use the following Google guide:
Turn images on or off in Gmail - Computer - Gmail Help (google.com)
Does the Security Awareness Training module support applications other than Microsoft 365 or Google Workspace?
No. To use the Security Awareness Training module, you must connect your workspace to Microsoft 365, Google Workspace, or both.
Does Coro Complete include the Security Awareness Training module?
No. Security Awareness Training is available as a separate, standalone module and is not included in the Coro Complete bundle.
How many phishing simulation email templates does Coro provide?
Coro provides 16 unique phishing simulation email templates as part of the standard 12-month Security Awareness Training plan. Coro tailors the templates to your environment, such as Microsoft 365, Google Workspace, or a hybrid setup, so users receive simulations that appear relevant and legitimate based on their cloud application.
For more information, see Training courses and simulations.
Can I preview the available Security Awareness Training courses?
No.
Can I send phishing simulation campaigns to specific groups of users within a workspace?
No. Coro sends phishing simulations to all protected users in your workspace.
Are there different types of phishing emails in the simulation campaigns?
Yes. Coro includes a variety of email templates covering common phishing scenarios.
For more information, see Training courses and simulations.
Can admin users schedule phishing simulation campaigns?
No. Coro automatically sets the simulation schedule as part of the Security Awareness Training plan. Admin users cannot adjust or release campaigns manually.
Do users receive training after failing a phishing simulation?
Yes. Coro assigns tailored additional training to strengthen the user's ability to recognize and respond to phishing threats in real-world scenarios.
Why are Security Awareness Training emails going to my Junk folder?
Before activating Security Awareness Training, Coro requires administrators to allowlist a set of email domains and IP addresses in your organization's email service. This ensures that training and phishing simulation emails are not blocked or marked as junk.
For more information, see Allowlisting Coro as a safe sender for Security Awareness Training.
When does an assigned Security Awareness Training course become overdue?
Assigned Security Awareness Training courses become overdue after 30 days.
Does Security Awareness Training work without the Email Security module?
Yes. Security Awareness Training (SAT) works without the Email Security module if your Microsoft 365 or Google Workspace account is connected. However, some features are limited:
- SAT does not log or track reported emails.
- The SAT dashboard does not display reporting statistics, such as how many users reported phishing simulation emails.
- SAT does not generate entries in the Phishing simulations summary report.
Does Security Awareness Training support languages other than English?
No. Security Awareness Training currently supports English only. This includes both course content and subtitles.
Does Security Awareness Training support role-based training?
No. All users receive the same training courses.
Does Security Awareness Training include compliance-specific courses like HIPAA?
Yes. For more information, see Compliance training.