Redflags
HRM platform delivering on-device nudges that intercept risky behaviour at the point of decision.
Vendor Information
Redflags Overview
Redflags is a Human Risk Management (HRM) platform built around on-device behavioural telemetry and pre-emptive nudges delivered at the exact moment a user is about to take a risky action, rather than relying on periodic training courses or after-incident remediation. The platform intercepts context-specific behaviour — clicking suspicious links, leaving screens unlocked, mishandling data — and delivers a brief intervention grounded in nudge theory and behavioural science, reinforcing safer choices without disrupting workflow.
The platform's three-stage workflow — Engage, Intervene, Measure — covers bite-sized microlearning content delivered directly to the desktop, on-device interception of risky actions at the point of decision, and real-time reporting on behaviour change rather than training completion rates. Published metrics include an 82% engagement rate with non-mandated content, a 70% reduction in unlocked screens, and a 36% drop in unknown sender clicks. Named customers with published case studies include Accenture, Dr Martens, Beacon, and Gamma Communications.
Redflags holds Cyber Essentials Plus and IASME Governance certifications. The platform is part of the NCSC for Startups programme and the FinTech Innovation Lab cohort (both 2022), and has received awards including techUK Cyber Innovator of the Year (2021) and SC Awards 2020 Best Professional Training/Certification Programme. Multilingual content delivery — referenced in the Dr Martens case study — positions the platform for global enterprises running security awareness across multiple regions.
Key Capabilities
Standardized capabilities mapped to this product's security niche
Fires when a user initiates a specific risky action (sending email to an external domain, uploading a file to an unapproved service, clicking a suspicious link) delivering guidance before the action completes.
Embeds interventions natively in email clients (Outlook, Gmail), browsers, and collaboration tools (Teams, Slack), intervening at the point of risk without requiring a separate application.
Tracks whether intervention recipients change the risky behavior over subsequent weeks, measuring actual behavioral impact rather than click-through or completion metrics.
Varies intervention content, frequency, and tone based on the user's risk profile and response history, higher-risk users receive more frequent and direct interventions.
Provides team-level risk dashboards visible to people managers and HR, enabling business-side accountability for security behavior separate from the security team dashboard.
Calculates individual security risk scores from observed actions (phishing simulation results, policy violations, risky application usage), rather than training completion status alone.
Intercepts risky actions (sending email to an external domain, uploading to an unapproved service), and presents a contextual security prompt before the action completes.
Assigns training modules based on each user's observed risk behaviors, role, and previous training results rather than delivering the same content to all users.
Integrations
Compatible tools and platforms
Solution Details
Deployment Options
Where and how this solution can be deployed
Support Channels
Available support and communication options
Pricing Model
How this solution is priced
How to buy
This profile hasn’t been claimed yet. Contact the vendor directly for pricing and purchasing options.
Is this your company?
Claim Your Profile