Formerly GoPhish Cloud
HailBytes Security Awareness Training Platform
Run phishing simulations, route user reports faster, and show clear risk trends with board-ready reporting. Built for MSSPs, managed security teams, and enterprise buyers who need training that proves impact. Deploy on AWS or Azure in minutes.
Deploys as a single VM, an HA pair across availability zones, or an auto-scaling group — same marketplace meter rate across all three.
See HailBytes SAT in Action
A guided tour of the platform, from first login through campaign launch and post-click training.
Full 4-minute walkthrough captured live from the product.
A Complete Platform Tour
From first login to executive reporting - the essentials for running a recurring phishing program with less manual work.
Secure Sign-On: SSO, SAML, OIDC, SCIM
Username/password with TOTP MFA is the baseline. Layer on OIDC SSO (Microsoft Entra ID, Google Workspace) or SAML 2.0 (Okta, OneLogin, JumpCloud, Auth0, or any standards-compliant IdP) for single sign-on. Add SCIM 2.0 provisioning to auto-create, update, and deactivate users straight from your identity directory, with no manual onboarding required. Deploy once, integrate with your identity provider, and onboard your whole team in minutes.

Guided Dashboard
A setup progress checklist walks new admins through enabling MFA, creating a template, configuring a sending profile, and launching their first campaign - without leaving the dashboard.

Unlimited Campaigns
Launch active simulations and archive completed ones in a single view. No per-campaign fees, no per-user licensing - just run as many tests as your program needs.

AI-Driven Campaigns & 45+ Industry Templates
Ship realistic campaigns fast with 45+ industry-specific templates, QR lure coverage, cloned template support, and built-in MCP tooling for AI-assisted campaign generation. Import your own lures too, with HTML/plain-text editing, merge variables, and tracking pixels built in.

Analytics Built for CISOs
Answer the questions that matter: is training working, where is risk rising, and who needs follow-up?
Engagement Funnel
Sent → Opened → Clicked → Submitted as a stepped funnel with absolute counts and percentages, so the drop-off at each stage is obvious at a glance.
Threat Trend, 12w / 26w / Monthly
Click rate, submit rate, and report rate plotted over the last 12 weeks, 26 weeks, or 12 months. Flip between rollups to compare quarter against quarter, instead of only week against week.
KPI Sparklines & WoW Deltas
Each KPI card shows a 12-week sparkline and a delta versus the prior week, so improvement and regression are visible without opening a report.
Click-Rate ↔ Resilience Toggle
Department leaderboard flips between Click rate (worst at top, in red) and Resilience (best at top, in green, computed as reports / (reports + clicks)). Celebrate wins alongside calling out trouble.
Repeat-Clicker Watchlist
Recipients who clicked in two or more campaigns, with their distinct-campaign click count, submission count, and a Trained pill driven by quiz-pass events. Targeted follow-up, not blast emails.
Print & PDF Executive Reports
A print stylesheet strips chrome, lays out KPIs, funnel, and outcome on a single A4 page, and applies your branding. Hand a board-ready PDF off straight from the browser, with no third-party reporter required.
White-Label, End-to-End
White-label SAT for your customers without forking the codebase. Branding shows up everywhere they see it.
Per-Tenant Branding
Customer’s organization name, logo, favicon, primary/secondary/accent colors, support URL, and email-from-name, rendered through the admin UI, the executive PDF report, and scheduled report emails. Configure once per organization; consistent everywhere.
Per-Org Seat Caps
Enforce contractual user limits per tenant. Over-cap assignments return HTTP 409 from the org members API, re-assignment is idempotent, and unlimited mode is available for flagship customers.
Multi-Tenant Data Isolation
Organization-scoped data isolation is enforced at the model layer with user_id filtering on every query. Tenants never see one another’s campaigns, templates, results, or audit events.
OIDC SSO Per Tenant
OIDC SSO with Microsoft Entra ID and Google, configurable per organization, so MSSPs can wire each customer up to their own identity provider without giving every tenant shell access to the VM.
Auditable Controls for Regulated Industries
Document who was excused, who approved it, and why — with an audit trail your assessors can replay.
Exemption Management
Excusal workflow for campaigns, training modules, and quiet-period windows. Each exemption flows requester → approver with mandatory four-eyes separation, and every state transition (request, approve, reject, revoke) is captured in a full audit trail exportable for compliance evidence packages. Overdue exemptions transition to an expired state automatically. Built for regulated industries where documented exemptions are an audit requirement.
Immutable Audit Log
Every administrative action — campaign launches, role changes, exemption decisions — is written to a comprehensive audit log with JSON and CSV export. Aligned with SOC 2, NIST CSF, PCI DSS, and ISO 27001 evidence requirements, and replayable per resource for assessor review.
Credential Capture Privacy
Captured phishing passwords are never stored in plaintext. The default redact-at-write mode replaces each credential with a length-only sentinel the moment it is received; teams that need credentials for IR forensics can enable opt-in AES-256-GCM encryption-at-rest, recoverable only under admin authorization. The landing-page banner shows the active storage policy so operators can confirm how captured data was handled.
Recurring Campaigns & Scheduled Report Delivery
Set the program once. HailBytes SAT runs the campaigns, sends the reports, and keeps the evidence moving.
Recurring Campaigns on a Schedule
Configure a campaign once with your target groups, template, sending profile, and cadence (daily, weekly, monthly, or a custom interval). HailBytes SAT re-runs it automatically, rotates templates from a defined pool to prevent habituation, and logs each wave as a distinct campaign in the analytics history. No one has to remember to press “launch” before the quarter closes.
Scheduled Report Delivery to Clients
Configure per-organization scheduled reports (daily, weekly, or monthly), and HailBytes SAT emails the branded PDF directly to an executive or client distribution list. The report covers the engagement funnel, threat-trend chart, repeat-clicker watchlist, and compliance evidence, all under your branding. Clients get results in their inbox; they never need dashboard access.
Executive Email Digests
Daily or weekly summary emails sized for executives who don’t live in the security tools. KPI sparklines, week-over-week deltas, and a one-line risk verdict, enough to answer “are we improving?” without opening a dashboard.
Board-Ready PDF from Any View
Every analytics view (funnel, threat-trend, repeat-clicker watchlist, training-vs-click scatter) prints to a single A4 page via a print stylesheet that strips chrome and applies your logo and colors. Hand a board-ready PDF straight from the browser with no third-party reporter.
Deployable on Azure Government
The same product, image, and hardening pipeline, running inside Azure Government for regulated US workloads, or inside an air-gapped subnet with zero outbound CDN dependencies.
Azure Government
Deploy from the same Packer-built image into Azure Government for FedRAMP-adjacent and CJIS-adjacent workloads. Image, hardening, update, and patch workflows are identical to commercial Azure.
Air-Gapped & No Outbound CDN
Inter and JetBrains Mono fonts ship with the binary as self-hosted woff2. The dashboard renders the same in any network posture; an air-gapped subnet with no Google Fonts reach is a first-class deployment, not a workaround.
Hardened Ubuntu 24.04 Baseline
SSH keys only, no default credentials, UFW firewall, AES-256-GCM encryption for sensitive credentials at rest (SMTP secrets, API tokens), bcrypt passwords, CSRF protection. Compliance mapping for SOC 2 ships in the repo.
A New Build Every Commit
HailBytes SAT versions auto-increment with every commit. Hardening, security patches, and improvements ship through the same marketplace image.
What Pen Testers Say
Best framework on cloud for phishing simulations
“The [HailBytes SAT] phishing framework (certified by HailBytes) enables companies to run phishing attack simulations from the cloud and test employees regardless of place and time, without any tech headaches. It tracks who clicks on the spoof links, who enters details on fake login pages, and who even reports the scam, providing a clear estimate of the alertness of a team. Managers can look at reports and find weak areas (like departments that need some extra training) and fix them swiftly. The cloud environment means it scales easily for larger teams or remote workers, which makes security checking activities less of a burden. The HailBytes certification does mean that it is ethical and safe and complies with privacy regulations, meaning organizations can train employees without undue fear of legal liability.”
Brackets indicate editorial substitution: the product was reviewed under its prior name (GoPhish Cloud) and has since been renamed to HailBytes SAT.
Platform-as-a-Service Pricing
Single marketplace bill, software and infrastructure included. No per-seat licensing.
$4,200/year for the recommended 2 vCPU instance
Billed through AWS Marketplace or Azure Marketplace. Software license, hosting, updates, and security patches all included. 70-80% less than commercial alternatives like KnowBe4 or Proofpoint.
Try HailBytes SAT Free
Get a free trial deployment on AWS or Azure. Our team will walk you through setup and help you run your first phishing campaign within 30 minutes.
- ✓ 30-day free trial on AWS or Azure
- ✓ Guided onboarding from our security team
- ✓ No credit card required to start
- ✓ Pre-built phishing templates included
Get the Free HailBytes SAT Getting Started Guide
A 7-part email series covering everything from your first deployment to advanced configuration and real-world workflows. One email per day, no spam.