Phishing simulation campaigns
that turn behavior into security metrics
Sentria lets companies and MSSPs run realistic phishing campaigns, track clicks and reports by department, and generate clear reports to reduce human risk and prove progress.
Sent
2.847
Click rate
4.2%
Report rate
68%
Avg. score
B+
Campaigns
realistic phishing in production
Metrics
open, click and report per user
By department
granular human-risk metrics
Compliance
evidence of a continuous program
For organizations that measure the human factor as a defense layer
The problem
Technology protects the perimeter. Who measures human risk?
Firewalls, gateways and antivirus block technical threats. But when phishing gets through — and eventually it does — the decision is in the hands of whoever receives the email. Without measurement, that risk is invisible.
One wrong click compromises everything
91% of corporate attacks start with an email. A single employee clicking a malicious link can compromise credentials, install malware or authorize a fraudulent transfer.
Without continuous measurement, human risk is invisible
Without recurring campaigns and per-department metrics, the organization doesn't know who would click on phishing — or whether posture is improving. Security decisions become guesses.
No metrics, no prioritization
Most organizations don't know which department is most vulnerable, who responds best to threats or where risk is concentrated. Without data, there's no way to prioritize investment.
Regulations require a documented continuous program
GDPR, ISO 27001 and sector regulations require evidence of a continuous security program. Without a platform, the organization cannot prove operation for an audit.
The solution
Campaigns + metrics + reports in one platform
Sentria runs continuous simulated phishing campaigns, measures every employee's behavior (click, report, ignore) and generates risk reports by department, role and unit — with time-based trends.
- Simulated phishing campaigns with realistic, customizable templates
- Advanced segmentation by department, role and unit
- Open, click and report metrics per employee
- Human-risk score with time-based trends
- Executive and compliance reports for GDPR, ISO 27001 and audits
- Templates updated with real threats observed in the market
Campaign planning
Templates, department segmentation, scheduling
Simulation delivery
Simulated phishing delivered via SMTP with tracking
Metrics collection
Open, click, report and ignore per user
Risk-score calculation
Aggregated by department, role and unit
Executive and compliance report
Score, time-based trend and audit evidence
Integrations
Benefits
What changes with continuous measurement of human risk
Real visibility of who reacts and who clicks. Metrics that improve month over month. Evidence that survives the audit.
Simulations with real threats
Templates based on attacks observed in the market. Each campaign is contextualized for the organization's sector and profile — phishing that looks like the real thing.
Metrics that make risk visible
Click rate, report rate and reaction time per employee, department and role. A real-time dashboard shows where risk is concentrated.
Time-based trends measured
Dashboard with click, report and score by department over time. The organization sees whether campaigns are actually reducing human risk.
Measurable risk reduction
Organizations that run regular phishing simulation campaigns reduce click rates by up to 75% within 12 months. Real data, not estimates.
Validation at any scale
From 50 to 50,000 employees. Segmentation by department, role, branch. Each group receives campaigns suited to its risk profile.
Documented compliance
Periodic reports with simulation evidence, per-department metrics and risk-score evolution. Ready for GDPR, ISO 27001 and sector audits.
Who is Sentria for
If your employees receive email,
your organization needs to measure human risk
Sentria serves any organization where email is a work channel. If an employee can click on phishing and cause an incident, the organization needs continuous campaigns and metrics to track how risk evolves.
Companies with many employees
Organizations with hundreds or thousands of email accounts that need a structured program for measuring human risk.
Financial sector
Banks, fintechs and insurers with high exposure to BEC, fraud and regulatory requirements for documented security programs.
Healthcare and hospitals
Environments with sensitive patient data and high staff turnover. Continuous campaigns against phishing and social engineering.
Education and universities
Thousands of accounts with diverse profiles. Students, faculty and staff with different levels of digital maturity.
Retail and e-commerce
Commercial and operational teams frequently targeted by brand phishing and credential compromise.
Industry and manufacturing
Employees in OT/IT environments exposed to ransomware via email and targeted social engineering.
Providers and MSSPs
Partners offering phishing campaigns as a service to their clients. Multi-tenant model with centralized management.
Compliance-driven organizations
Companies that need to document a continuous security program for GDPR, ISO 27001, PCI-DSS or sector audits.
Features
Everything to measure and reduce human risk in one platform
From simulation to report. From click to score. Every feature designed to make human risk measurable.
Simulated phishing campaigns
Realistic templates with per-organization customization. Scheduling, segmentation and full tracking of every interaction.
Human-risk score
Algorithm combines click rate, report rate and reaction time. Resulting 0–100 score per employee, aggregated by department, role and unit.
Risk dashboard
Risk score by department, role and unit. Time-based trend and cross-campaign comparison in a single view.
Group segmentation
Differentiated campaigns by department, hierarchy level or risk profile. Each group receives a scenario tuned to its context.
Templates based on real threats
Template library updated with threats observed in the market. Campaigns reflect the current attack landscape.
Report button
Email plugin to report phishing. Measures report rate — the most important defensive-maturity indicator.
Executive and compliance reports
Simulation evidence, per-department metrics and score evolution for GDPR, ISO 27001, sector regulations and audits.
API and integrations
REST API for integration with SIEM, SOAR and HR platforms. Webhooks for real-time campaign events.
Architecture
How Sentria integrates with security operations
Multi-tenant SaaS platform that sends simulations via proprietary infrastructure, collects behavior metrics and generates reports automatically.
Inputs
Employees
Import via CSV, AD or API
Templates
Library + custom
Threat intelligence
Real threats in the market
Policies
Segmentation and frequency
Platform
Sentria
Awareness Platform
Outputs
Human-risk score
Per employee, department and global
Campaign metrics
Open, click, report, reaction time
Compliance reports
GDPR, ISO 27001, audits
Alerts and webhooks
Events for SIEM/SOAR
Platform
Designed for organizations of any size
From 50 to 50,000 employees. Segmented campaigns, granular risk scoring and real-time metrics that scale without operational complexity.
Scalable
from 50 to 50,000+ employees
Automated
recurring campaigns and auto-segmentation
Integrated
AD, SIEM, SOAR, REST API
Auditable
compliance evidence
For MSSPs and security providers
Human-risk validation across all your clients in one platform.
Sentria lets providers and MSSPs offer phishing training as a service — with centralized management of multiple clients, automated campaigns, executive reports and compliance evidence.
All features are included. The partner pays only for the total volume of active users.
Included for MSSP partners
FAQ
Frequently asked questions
Does Sentria send real phishing?
No. Sentria sends simulations — emails that mimic real phishing but contain no malicious payload. The goal is to measure behavior and generate risk evidence, not cause harm.
Are the simulation templates realistic?
Yes. The template library is continuously updated with real threats observed in the market. Each simulation reflects what is actually attacking organizations in the same sector, making measurement relevant and contextualized.
What is the human-risk score?
A 0–100 score calculated per employee, combining click rate, report rate and reaction time. Aggregated by department, role and unit. The lower, the better — you track evolution month over month.
Does it work with Microsoft 365 and Google Workspace?
Yes. Sentria sends simulations via proprietary infrastructure (SMTP) and integrates with directories (AD, Google Directory) for employee import and segmentation.
How do department metrics work?
Each campaign generates open, click, report and reaction-time data by department, role and unit. The dashboard shows the risk score and trend over time.
Are the reports suitable for compliance?
Yes. Reports with simulation evidence, per-department metrics and risk-score evolution. Compatible with GDPR, ISO 27001 and sector regulations.
How do I start using Sentria?
Contact us for a technical assessment. We size the program based on employee count, current risk profile and compliance requirements.
Ready to make your organization's human risk measurable?
Our team sizes the ideal campaigns-and-metrics program for your organization — from the first simulation to the compliance report.