Salesforce Customer since 2017

Purplephish turns the tide on cyber breaches with security awareness training platform built on Salesforce

It’s the worst-kept secret in cyber security – every multi million pound IT security strategy shares the same fatal vulnerability: users. Even the most sophisticated defences can be circumvented entirely by one click from an unsuspecting end user that lets attackers walk in through the front door.

Phishing scams are a huge industry today. The threat has matured from generic mass mailouts sent by isolated individuals to fully-industrialised criminal organisations that spend months researching and exploiting a company’s specific vulnerabilities. 

That’s why the first and most powerful line of defence against phishing attacks is an informed and empowered staff. And that’s exactly what trailblazing company Purplephish is on a mission to provide. 

As Co-Founder and CEO, Ben Audley, explained: “Purplephish is a fun and engaging training platform for customers to continuously educate their employees about these threats.” And here’s the kicker: the Purplephish platform is built entirely using Salesforce technology.

From tailored and ongoing e-learning programmes, to orchestrating real-world phishing simulation exercises, to using Einstein Analytics to calculate metrics like susceptibility rates based on quiz results – Salesforce enables it all.


Purplephish is a fun and engaging training platform for customers to continuously educate their employees about these threats.”

Ben Audley, CEO, Purplephish

Getting it right from day one

Purplephish built its business and training programme on Salesforce from day one. Its vision of a bespoke, gamified customer experience with the flexibility to scale was a natural fit with the unlimited development potential of the platform.

The team worked with implementation partner, Oegen, to roll out an end-to-end solution combining Sales Cloud and Service Cloud for CRM and case management, with its training programme developed on Salesforce Platform and Pardot.

“Salesforce is very developer-friendly, which sped up deployment and means we can stay nimble and easily make changes as our business evolves,” said William Goulding, Head of Software Development at Purplephish. “Trailhead helps me keep up to date with the latest Salesforce products and features so I know we’re always getting the best out of our platform.”

A new approach to learning

A compelling user experience was critical to Purplephish’s vision. “Security teams are comprised of immensely talented individuals – but user training is just one item on their enormous list of responsibilities. We wanted to create a specialised learning experience that empowered users to take ownership of better security practices and freed security professionals to focus on what they’re best at,” commented Ben Travers, Head of Operations.

To effectively prevent more security breaches, Purplephish helps customers to make a cultural shift within their organisation – moving away from ad hoc security workshops to a continuous and interactive learning model.

“If you send staff away with a cheat sheet on data security, they’ll probably have forgotten it in a week. Even in the best-case scenario they’ll only be aware of the threats you told them about, but new attacks are cropping up constantly,” said Audley.

Creating personalised user journeys

The company built its user training program and phishing email simulator on Pardot, customising the solution to create personalised user journeys so individuals across an organisation don’t all receive the same email at the same time.

“Pardot helps us imitate real world conditions. We’ve created multiple user journeys with slightly different timings and automated them with Engagement Studio,” explained Goulding. “We have customers including local governments, the police, insurance companies, retailers, and universities all over the world so we also needed to be able to make sure we were sending emails during work hours in each region.”

When a user receives a simulated email, their response is captured and logged. If they engage with it, they’re notified and sent further educational material to help them correctly identify the next one and reduce the chance of them falling for a real scam.

Giving admins greater control

To give customers insight into how their team is performing, Purplephish built a customer community with dashboards powered by Einstein Analytics. “Being able to actively demonstrate that a company’s susceptibility to scams is falling over time is hugely valuable,” revealed Audley. “When consumers buy anti-virus software or security alarms for buildings, they have no idea whether they’ve actually prevented a breach or not. With Einstein Analytics we can give customers the peace of mind that security is improving.”

As well as monitoring the effectiveness of the programme, admins can track how many people are completing training modules and the pass rate so they can identify any groups or users who need more training.

They can also set up on-demand simulations to tailor the solution to meet their needs or include training on a specific risk that they’re particularly worried about. Requests for new simulations are handled via an integration with Service Cloud and are submitted as cases.

“Our customer support channels mainly capture feedback on how to improve the product or how we can help customers get the best value from it,” commented Travers. “We don’t have a lot of issues with the platform itself.”

Leveraging richer insights to convert more leads

With Salesforce, Purplephish can give customers a seamless, personalised experience from sign up to renewal. Easy access to information helps the team to optimise processes for greater efficiency and have better conversations with customers. For example, during the Covid-19 pandemic, the team knew not to nurture leads in the struggling hospitality industry but could focus on supermarkets instead.

“Salesforce gives us very rich data on our customers, which empowers us to tailor the selling experience to make sure we’re having the right conversations at the right time and not overburdening them,” said Travers. “We’ve also got insight into how effective our sales cycle is and where we can make changes to improve our conversion rate.”

Purplephish is well-positioned to achieve its ambition of being the go-to company for IT awareness training. As business goes from strength to strength, it can react quickly to change to ensure it’s always a step ahead of the competition – during the pandemic, remote working was enabled in just 24 hours, enabling employees to continue delivering a seamless customer experience from the safety of their own homes.

“The beauty of Salesforce is the control it gives us. We get all the benefits of a world-leading solution, but we’ve completely customised it to deliver the perfect end user experience for our very niche business,” concludes Audley.


Keep exploring stories like this one.

Questions? We’ll put you on the right path.

Ask about Salesforce products, pricing, implementation, or anything else. Our highly trained reps are standing by, ready to help.