
Security Awareness & Training
Redflags
HRM platform delivering on-device nudges that intercept risky behaviour at the point of decision.
Redflags Overview
What it does
Redflags is a Human Risk Management (HRM) platform that intercepts risky employee actions at the point of decision with on-device behavioral telemetry and context-aware nudges rather than periodic training courses. The platform monitors cyber hygiene signals including AI tool usage, phishing risk, data egress, and unapproved application downloads, then delivers brief interventions grounded in nudge theory when a user is about to take a risky action. Its Engage, Intervene, Measure workflow combines desktop microlearning, real-time nudges, and reporting on behavior change rather than completion rates.
How it works
Redflags applies behavioral science to flag suspicious link clicks, unlocked screens, password hygiene issues, and unsafe AI or agentic tool use without disrupting everyday workflows. Admins configure campaigns, customize content and branding, and track engagement and risk reduction through behavioral dashboards. Published customer metrics include 82% engagement with non-mandated content, a 70% reduction in unlocked screens, and a 36% drop in unknown-sender clicks. Case studies cite Accenture, Dr Martens, Gamma Communications, and Beacon.
Credentials and traction
Redflags holds Cyber Essentials Plus and IASME Governance certifications and is delivered as an NCSC Assured Training course. ThinkCyber won Best Cyber Security Training and Awareness Product or Service at the 2024 TEISS Awards and was named techUK Cyber Innovator of the Year in 2021. Named customers include Accenture, Dr. Martens, Gamma Communications, and Beacon Cymru, spanning large enterprises, public sector bodies, and critical national infrastructure organizations.
Key Capabilities
mapped to solution categoriesFires when a user initiates a specific risky action (sending email to an external domain, uploading a file to an unapproved service, clicking a suspicious link) delivering guidance before the action completes.
Embeds interventions natively in email clients (Outlook, Gmail), browsers, and collaboration tools (Teams, Slack), intervening at the point of risk without requiring a separate application.
Tracks whether intervention recipients change the risky behavior over subsequent weeks, measuring actual behavioral impact rather than click-through or completion metrics.
Varies intervention content, frequency, and tone based on the user's risk profile and response history, higher-risk users receive more frequent and direct interventions.
Provides team-level risk dashboards visible to people managers and HR, enabling business-side accountability for security behavior separate from the security team dashboard.
Calculates individual security risk scores from observed actions (phishing simulation results, policy violations, risky application usage), rather than training completion status alone.
Intercepts risky actions (sending email to an external domain, uploading to an unapproved service), and presents a contextual security prompt before the action completes.
Assigns training modules based on each user's observed risk behaviors, role, and previous training results rather than delivering the same content to all users.
Measures security culture and employee sentiment through surveys and behavioral indicators, tracking how attitudes and norms shift over time and which teams need leadership attention.
Includes training content mapped to specific compliance control requirements (HIPAA workforce training, GDPR data handling, PCI DSS cardholder data procedures).
Integrations
compatible toolsImplementation & support
Info last updated on May 28, 2026
Vendors
Is this your product?
Claim your profile to connect with the teams looking for your solutions.