You are using an ad blocker that is interfering with our web typography and internal javascript. Please whitelist our domain to live in a more beautiful world. No ads here, just really great software!

Experience Everywhere On-Demand: Learn how Global 2000 firms are approaching Digital Employee Experience in 2021. Get Access

Security Awareness Program

Latest Version:


Campaigns - 4
Dashboards - 3
Investigations - 5
Metrics - 40
Scores - 2

Required Products

Nexthink Engage


Windows only


V6.17 and later


This pack uses Scores which must be configured by Nexthink Professional Services or by a certified Nexthink partner.

A comprehensive Security Awareness pack consisting of employee risk assessment, risk education and real-time security improvements to avoid threats from occurring.

Part of the Employee Security Awareness Solution by Nexthink.

The content pack is structured as follows:

Employee Security Risk module

For each employee across the organization, a risk score is calculated based on 4 basic risk scenarios:

  • users accessing to suspicious domains
  • users executing applications from USB
  • users running new / unknown applications
  • users generating high external traffic

Employees with high risk score are potential candidates to a specific security awareness campaign.

Note: risk scenarios must be adapted for each environment, ideally based on a risk assessment outcome.

Employee Security Awareness module

The first dashboard (Initial campaign) summarizes the results of a generic campaign that calculates an "awareness score" for each employee. Different security topics are covered, such as malwares, incident response, phishing or privileged accesses. It can be considered as a baseline to assess the knowledge across the company regarding information security.

The second dashboard (Single-questions campaign) presents the results of simple campaigns that are targeted to specific employees. For example, for users with a high-risk score due to multiple executions from USB mass-storage devices, a dedicated campaign related to the risks of such behaviors is published.

Note: again, this example has to be adapted to the real needs in term of information security education for each organization. Awareness campaigns must be developed in collaboration with internal security stakeholders.



  • - 30 Mar 2021 - Fixed issue resulting in campaigns not importing in finder.
  • - 04 Jan 2021 - Removed metric "Number of Users Accessing Suspicious Domains" as it used "Nexthink Enhance" which is no longer supported.
  • - 04 Apr 2019 - Initial release