Before using the platform, you need to add the IP addresses of platform servers and email servers to which the platform will send emails to the list of approved addresses.
Once you register on the ASAP platform, the trial period begins, and the platform will be available to use in full. You can check when the trial period ends in the Licenses and companies section.
When you first start using the platform, we recommend the following:
During registration, an account and its associated company are created on the platform. If you plan to train employees from multiple companies, you need to add their companies in your account. If you add multiple companies to the platform, you can toggle workspaces to manage training for each of them.
To limit access, you can add an admin for each company. The set of rights to perform operations on the platform is determined by the role assigned to the admin.
You can add users manually, import a list of users as an .xlsx file, or configure the synchronization of the application with Active Directory to automatically retrieve data about domain accounts.
We recommend reading through the training materials in the Content section before configuring the training settings. In the Main Course and Express Course tabs, you can select any of the training units to see the topics, tests, and phishing attacks it contains. You can also complete any number of lessons and tests you want. You can add your own slides to lessons, which describe situations that are typical for your company.
Users can only complete training in groups. Groups define the training program for all its users.
The training program for groups is based on the following settings:
The assigned level depends on the degree of risk that a particular user group may pose to the company. The higher the risk, the higher the level should be.
You can use groups pre-installed on the platform and change their settings, or create new groups.
You can specify a group when adding a user, move a previously added user to a group manually, or use automatic group distribution rules.
If necessary, you can enable or disable mock phishing attacks for all company employees, as well as the early tests option.
As soon as training for the selected group begins, employees will receive an email inviting them to click a personalized link to the training portal. The link is generated on the platform using the domain name assigned to the company. Employees don't have to log in to the platform.
You can also enable SSO technology and send users a shared link to access the portal. In this case, authentication will be carried out using the accounts of the identity provider.
We recommend mentioning training to your employees in advance so they're aware of it and don't think the platform is spamming them.
In addition to phishing attacks as part of training units, you can also create a phishing campaign to test a user's current skills. To create a phishing campaign, you can use one of the platform's pre-installed templates. The results will also help identify gaps in user knowledge so you can adjust the training program accordingly.
After training starts, you can track the progress and personal charts of users using reports and information widgets in the Dashboard section.