Yes. Coro provides courses for GDPR, HIPAA, and PCI DSS. For more details, see Configuring security training course enrollment.
To use the Security Awareness Training (SAT) module in Coro, you need to:
- Connect Microsoft 365 or Google Workspace to your Coro workspace.
- Allowlist the domains and IP addresses the SAT module uses with your email provider.
Coro automatically enrolls protected users in Security Awareness Training (SAT) courses configured by admin users through the Coro console. Those users receive an email notifying them of course enrollment with a link to start the course.
New users added to protection in Coro are automatically assigned the active Security Awareness Training (SAT) courses configured in your workspace. If enabled, new users also receive the onboarding course as standard.
Follow the instructions in Coro's allowlisting guide.
Coro continuously evaluates Security Awareness Training (SAT) course offerings to ensure customers are provided the best options.
For the latest course details, see Training courses and simulations.
A phishing simulation is a training exercise where users receive emails that mimic real phishing attempts. These simulated emails may contain elements like spoofed domains, spelling errors, and suspicious links. Coro tracks recipient interactions with these emails and tailors security awareness training (SAT) accordingly.
Security Awareness Training (SAT) course videos are embedded via Vimeo. There are a few addresses you may need to allow through your network if you are experiencing video display problems:
https://f.vimeocdn.com
https://player.vimeo.com/video/
Some email applications block images by default and ask the recipient if they'd like to load the images in the email.
Depending on your application, you can add the sender address to a safe-senders list to allow images from those senders to load automatically.
To allow images in Outlook, use the following Microsoft guide:
Block or unblock automatic picture downloads in email messages - Microsoft Support
You can also allow images through a Group Policy, as shown in the following Microsoft Guide:
To allow downloading images in Gmail, use the following Google guide:
Turn images on or off in Gmail - Computer - Gmail Help (google.com)
No. To use the Security Awareness Training (SAT) module, you must connect your workspace to Microsoft 365, Google Workspace, or both.
No. Security Awareness Training (SAT) is available as a separate, standalone module and is not included in the Coro Complete bundle.
Coro provides 16 unique phishing simulation email templates as part of the standard 12-month Security Awareness Training (SAT) plan. Coro tailors the templates to your environment, such as Microsoft 365, Google Workspace, or a hybrid setup, so users receive simulations that appear relevant and legitimate based on their cloud application.
For more information, see Training courses and simulations.
No.
No. Coro sends phishing simulations to all protected users in your workspace.
Yes. Coro includes a variety of email templates covering common phishing scenarios.
For more information, see Training courses and simulations.
No. Coro automatically sets the simulation schedule as part of the Security Awareness Training (SAT) plan. Admin users cannot adjust or release campaigns manually.
Yes. Coro assigns tailored additional training to strengthen the user's ability to recognize and respond to phishing threats in real-world scenarios.
Before activating Security Awareness Training (SAT), Coro requires administrators to allowlist a set of email domains and IP addresses in your organization's email service. This ensures that training and phishing simulation emails are not blocked or marked as junk.
For more information, see Allowlisting Coro as a safe sender for Security Awareness Training.
Assigned Security Awareness Training (SAT) courses become overdue after 30 days.
Yes. Security Awareness Training (SAT) works without the Email Security module if your Microsoft 365 or Google Workspace account is connected. However, some features are limited:
SAT does not log or track reported emails.
The SAT dashboard does not display reporting statistics, such as how many users reported phishing simulation emails.
SAT does not generate entries in the Phishing simulations summary report.
Yes. Coro enables admin users to select the default locale for simulation emails. They can also update the default locale at any time. The selected language affects the localization of content used in phishing simulations, such as language, currency, and location.
For training courses, users can choose their preferred language at the start of the course.
No. All users receive the same training courses.
Yes. For more information, see Compliance training.
While you can’t create custom phishing campaigns, you can activate Coro’s predefined phishing simulations or compliance training courses.
For more information, see Configuring phishing simulation emails.
Yes. As soon as you add a user to Coro protection, Coro immediately sends them the current month’s content pack, which includes the phishing simulation and assigned course. They won’t receive any previous content. Their training continues with the modules scheduled from the moment they are added to Coro protection.