
Security Awareness & Training
Pistachio Security Awareness Platform
Human risk management with adaptive training and insider-threat detection for Microsoft Entra ID.
Pistachio Security Awareness Platform Overview
What it does
Pistachio Security Awareness Platform is a Human Risk Management (HRM) platform for organizations on Microsoft Entra ID. It pairs two modules: Practice delivers adaptive security awareness training and phishing simulations inside everyday workflows, and Presence provides behavioral insider-threat detection that learns each account's normal activity rhythm. Setup uses Microsoft single sign-on (SSO) with Entra ID group sync; the vendor states configuration takes under ten minutes and that products then run without manual administration.
How it works
Practice personalizes simulation difficulty and training frequency per user, sending scenario-based questions and simulations via email and Microsoft 365-integrated workflows rather than a separate training portal. Presence monitors Microsoft 365 and connected third-party applications such as GitHub and HubSpot, correlating login, download, and permission patterns to alert on data exfiltration, account takeover, and permissions misuse. Presence injects canary messages into admin mailboxes and surfaces a seven-day snapshot of emerging low-risk behaviors. Admins get organization-wide dashboards, on-demand PDF management and compliance reports, and Entra ID sync every 30 minutes to keep licensed users current.
Credentials and traction
Pistachio is ISO 27001 certified, with its security practices independently verified and audited, and its app carries a Microsoft 365 publisher attestation covering its security, compliance, and data-handling practices. The vendor states it also meets GDPR data-protection obligations. Adoption spans hundreds of organizations, primarily mid-market and enterprise teams standardized on Microsoft 365, across verticals including education, energy, manufacturing, and logistics.
Key Capabilities
mapped to solution categoriesProvides team-level risk dashboards visible to people managers and HR, enabling business-side accountability for security behavior separate from the security team dashboard.
Syncs user rosters, role changes, and offboarding events from HRIS and identity providers, keeping the platform enrollment current without manual administration.
Includes training content mapped to specific compliance control requirements (HIPAA workforce training, GDPR data handling, PCI DSS cardholder data procedures).
Calculates individual security risk scores from observed actions (phishing simulation results, policy violations, risky application usage), rather than training completion status alone.
Sends simulated phishing emails at configurable frequency and difficulty, tracking click, credential submission, and report rates per user and department.
Assigns training modules based on each user's observed risk behaviors, role, and previous training results rather than delivering the same content to all users.
Combines multiple weak behavioral signals into a single risk score per user or entity, ranking which accounts warrant investigation so analysts focus on the highest-risk anomalies.
Builds behavioral baselines per user account, device, and application, capturing access timing, resource usage patterns, and activity volumes specific to each entity rather than aggregate thresholds.
Models attacker-in-residence scenarios (pre-resignation data staging, after-hours privileged access, bulk download exceeding peer norms), with risk scores decaying appropriately for resolved anomalies.
Compliance
certificationsIntegrations
compatible toolsImplementation & support
Info last updated on May 28, 2026
Vendors
Is this your product?
Claim your profile to connect with the teams looking for your solutions.