Get Started with InsightPhish

InsightPhish is Rapid7's phishing identification, analysis, and simulation solution. InsightPhish enables your organization to report suspected phishing attacks and lets your security team simulate internal phishing campaigns to improve resiliency. The goal is to help your organization learn to identify the key indicators of a phishing attack so that instead of interacting with phishing messages, your users report them. Streamlined reporting and analysis tools enable you to quickly identify and respond to reported campaigns that are underway.

To help achieve these goals, InsightPhish serves two key use cases:

  • Review - Review lets your organization easily report suspicious looking emails to your security team so they can investigate and determine if the email poses a legitimate threat. It eliminates noise so you can focus on responding to real phishing threats and reduces the amount of effort and time it takes to investigate, analyze, and respond to reports of phishing attempts.
  • Simulate - Simulate generates authentic looking phishing attacks, which enables you to evaluate and improve your organization's ability to detect and handle malicious emails. You can track your organization's performance over time to determine the effectiveness of your security training programs and learn how you can implement additional educational measures to improve awareness.

Sign Up for an Account

The first thing you need to do is create an InsightPhish account. Go here to sign up. After you sign up, you'll receive an email that will let you create a password for your account.

Log in to InsightPhish

Already have an account? Great! Let's log in to InsightPhish.

Next Steps for Set Up

Now that you've logged in to InsightPhish, you're ready to set up and customize your experience.

Here's what you'll need to do next:

After you've completed these steps, you'll be ready to start simulating campaigns and reviewing any potentially real reported threats.

Get Started with InsightPhish