CASE FILE // PC-2026-04
Status: Open


Filing 05.01.00Field 27 APR 2026Classification PublicStatus Open

KnowBe4 cost: SAT Foundation and SAT Advanced published per-seat pricing

KnowBe4 is the largest phishing-simulation training vendor in the US market by customer count. On 5 May 2026 it relaunched its Security Awareness Training as a two-tier model, SAT Foundation and SAT Advanced, and now publishes per-seat-per-month pricing by employee band on a 3-year term up to 1,000 seats. The earlier four-tier KSAT model (Silver, Gold, Platinum, Diamond) is now legacy. Figures below are from KnowBe4's published pricing page, verified June 2026.

Direct answer

KnowBe4 published per-seat pricing, at a glance

SUMMARY

Since the 5 May 2026 SAT relaunch, KnowBe4 publishes per-seat-per-month pricing on a 3-year term. SAT Foundation runs $2.40 per seat per month at 25 to 50 seats, sliding down to $1.63 at 501 to 1,000 seats (about $20 to $29 per seat per year). SAT Advanced, which adds the full library and AIDA, runs $3.75 per seat per month at 25 to 50 seats, sliding to $2.79 at 501 to 1,000 seats (about $33 to $45 per seat per year). Above 1,000 seats is quote-only.

SeatsSAT Foundation /seat/moSAT Advanced /seat/mo
25 to 50$2.40$3.75
51 to 100$2.13$3.40
101 to 250$1.97$3.19
251 to 500$1.80$2.96
501 to 1,000$1.63$2.79
1,001+QuoteQuote

Published list pricing, 3-year term, from KnowBe4's pricing page. AIDA (AI Defense Agents) is included in SAT Advanced. Per-year figures are the monthly rate multiplied by twelve. Full worked totals below.[KnowBe4 SAT pricing page (knowbe4.com/products/security-awareness-training/pricing), verified June 2026]

Exhibit A

What changed in May 2026: four KSAT tiers to two SAT tiers


On 5 May 2026 KnowBe4 relaunched its Security Awareness Training as an AI-native product with a two-tier structure, SAT Foundation and SAT Advanced, available globally. This superseded the long-standing four-tier KSAT model (Silver, Gold, Platinum, Diamond) for new buyers. The bigger shift for cost research is that KnowBe4 now publishes per-seat-per-month list pricing by employee band on its website, up to 1,000 seats, where the old model was quote-only and had to be triangulated from public RFP awards and reseller catalogues.

The published pricing is a 3-year-term rate. Smaller organisations pay more per seat (the 25-to-50-seat band) and the per-seat rate steps down at each higher band, reaching its published floor at 501 to 1,000 seats. Organisations above 1,000 seats are quote-only, where the historical triangulated enterprise range (roughly $30 to $45 per seat per year for the equivalent of SAT Advanced, lower with deep volume discount) remains a reasonable planning guide until a quote is in hand. Existing customers may still sit on a legacy KSAT Diamond contract; KnowBe4 lets those customers add AIDA as an optional bolt-on rather than forcing a migration.[KnowBe4 press release 5 May 2026 (AI-native SAT launch) + KnowBe4 SAT pricing page, verified June 2026]

Exhibit B

The two SAT tiers and what they include

REFERENCE

SAT Foundation

$1.63 to $2.40 per seat per month (3-year term)

Includes: Streamlined training library of 200-plus modules, automated phishing simulation and tests, the Phish Alert Button for user reporting, baseline reporting, risk assessments, and select AI features

Fits: SMBs starting their first awareness program. Mid-market organisations establishing a core security baseline on a tighter budget. Educational institutions and non-profits.

SAT Advanced

$2.79 to $3.75 per seat per month (3-year term)

Includes: Everything in Foundation, plus the full 1,000-plus-module training library, advanced reporting, unlimited Smart Groups, AI-recommended optional learning, and AIDA (Artificial Intelligence Defense Agents), the suite of AI agents that automates program administration and generates personalised and deepfake-based training content

Fits: Organisations of any size that want the full content library and AI-driven personalisation. Mature programs needing AIDA's automation. Industries with heavy targeted-attack exposure (financial services, government, healthcare).

PhishER and PhishER Plus (user-reported phishing triage with automated mailbox cleanup) are sold as separate add-ons rather than bundled into the SAT tiers. Legacy KSAT (Silver, Gold, Platinum, Diamond) contracts remain in force for existing customers.[KnowBe4 SAT pricing page + product pages, verified June 2026]

Exhibit C

Per-organisation total cost worked examples


Organisation profileTierPer seat /yrAnnual total
40-employee SMB starting awarenessSAT Foundation$28.80$1,152
100-employee SMB, full library + AIDASAT Advanced$40.80$4,080
500-employee mid-market, full library + AIDASAT Advanced$35.52$17,760
1,000-employee mid-market baselineSAT Foundation$19.56$19,560
10,000-employee enterpriseSAT Advanced (quote)~$33~$330,000

Examples up to 1,000 seats use KnowBe4's published per-seat-per-month rate for the matching band, multiplied by twelve. The 10,000-seat row is quote-only territory; it uses the published 501-to-1,000 floor as a conservative planning estimate, and real enterprise quotes typically land at or below that with volume discount. All figures are 3-year-term list rates.[KnowBe4 SAT pricing page, verified June 2026]

Exhibit D

How KnowBe4 compares to the major alternatives


KnowBe4 is the largest phishing-simulation training vendor in the US market by customer count, but it sits in a competitive landscape with several distinct alternatives. The competitive position is shaped by content-library breadth, simulation quality, behavioural-measurement approach, and pricing.

VendorPer-user-year bandDistinguishing approachStrongest segment
KnowBe4$20-$45Content-library breadth, AIDA agents, US-market leader, now publishes pricingSMB to enterprise broadly
Proofpoint PSAT$25-$70Bundled with Proofpoint email securityExisting Proofpoint customers
Cofense PhishMe$30-$80PhishMe + Triage IR-integratedMid-market to enterprise with SOC
Hoxhunt$32-$90Per-user behaviour-tracking analyticsEnterprise with mature program
SoSafe$24-$72EU-native, GDPR-designEU organisations, US with EU operations
Infosec IQ$20-$50SMB-focused, simpler interfaceSMB and mid-market
Wizer$15-$35SMB-focused, very low pricing tierSMB and micro-business

The KnowBe4 band is its published SAT pricing; competitor bands are estimates triangulated from public RFP awards and reseller catalogues, since most of the other vendors do not publish list pricing. Distinguishing-approach summaries reflect 2025-2026 product positioning and may shift over time. See cross-links at the bottom of this page for vendor-specific cost analyses.[Vendor-specific public RFP records + Forrester Wave Security Awareness Training 2024 + Gartner Magic Quadrant Security Awareness Computer-Based Training 2024]

Exhibit E

ROI math: training cost vs avoided phishing event cost


The ROI calculation for phishing-simulation training is straightforward in principle: compare the annual program cost against the modelled reduction in phishing-event cost. The published literature on click-rate reduction from KnowBe4 and similar programs is reasonably consistent. Hoxhunt 2026, Cofense 2024, and KnowBe4's own annually-published Phishing Industry Benchmarks Report all show 50 to 70 percent reduction in baseline-bulk-phishing click rates over 24 months of continuous program use. The reduction against AI-grade spear phishing is materially lower (roughly half), and against AitM attacks (see /by-attack/aitm) is approximately zero because the lure-recognition gap is not the attack's failure mode.

For a 500-employee mid-market organisation paying $35.52 per seat per year for KnowBe4 SAT Advanced, the annual program cost is about $17,760. Against the modelled $4.20M average mid-market phishing breach cost (see /by-scale/mid-market), even a 5 percent reduction in event-probability-weighted cost pays back the program multiple times over. The actual reduction at year 1 is typically smaller (20 to 30 percent click-rate reduction translates to maybe 10 to 15 percent event-cost reduction); at year 2-3 with sustained program the reduction matures to the 50 to 70 percent click-rate range with 25 to 40 percent event-cost reduction. The math favours sustained program investment.

The honest caveat is that the published click-rate reductions measure performance against bulk-phishing simulation lures, which are easier to recognise than the AI-grade lures attackers now deploy against real targets. Real-world program impact may be smaller than the published numbers suggest because the lure types in simulation are different from the lure types in production. This does not eliminate the ROI case but it does suggest that organisations should treat awareness training as a necessary layer rather than a sufficient defence, and that the training program should be paired with phishing-resistant MFA, behavioural email security, and a documented incident-response capability rather than substituted for them.[KnowBe4 Phishing Industry Benchmarks Report 2024 + Hoxhunt Phishing Trends Report 2026 + Cofense 2024]

Exhibit F

What buyers should ask before signing the KnowBe4 contract


What is the per-user pricing including any volume discount?

Get the price stated as $X per user per year, not as an annual total, to enable comparison to alternative vendors. Volume discount tiers typically kick in at 1,000, 5,000, 10,000 user counts.

What is included at the offered tier and what is add-on?

Confirm in writing which features are included and which require add-on SKUs. PhishER, vishing simulation, USB testing, and custom content creation are particularly worth confirming because they move across tiers.

What is the multi-year-term discount?

3-year commitments typically yield 5-15% discount versus annual; 5-year typically 15-25%. Compare against the optionality cost of being locked in for the term.

What is the click-rate reduction commitment?

Ask the sales team to commit to a specific click-rate reduction target over 12-24 months. If they cannot or will not commit, treat the program as a hygiene investment rather than an ROI-driven one.

What is the contract auto-renewal mechanism?

Many KnowBe4 contracts auto-renew at the prevailing list price (which may be higher than negotiated initial pricing). Confirm the renewal-price mechanism and negotiate a renewal-price cap.

What is the data-residency and integration posture?

For organisations with EU data subjects or specific data-residency requirements, confirm where KnowBe4 hosts the data and how the integration interacts with your existing identity provider.

Exhibit G

Frequently filed questions

ON RECORD

How much does KnowBe4 cost per seat?[open]

As of the 5 May 2026 SAT relaunch, KnowBe4 publishes per-seat-per-month pricing on a 3-year term. SAT Foundation: $2.40 (25-50 seats) down to $1.63 (501-1,000), about $20-$29 per seat per year. SAT Advanced: $3.75 (25-50) down to $2.79 (501-1,000), about $33-$45 per seat per year. Above 1,000 seats is quote-only.

Does KnowBe4 publish list pricing?[open]

Yes, now. Since the May 2026 SAT relaunch it publishes per-seat-per-month bands up to 1,000 seats on its pricing page. The earlier four-tier KSAT model (Silver, Gold, Platinum, Diamond) was quote-only and had to be triangulated from public RFP awards and reseller catalogues.

What is AIDA and does it cost extra?[open]

AIDA (Artificial Intelligence Defense Agents) is a suite of AI agents that automates program administration and generates personalised and deepfake training content. It is included in SAT Advanced at no separate per-seat charge, so the AIDA price is the SAT Advanced price. Existing legacy KSAT Diamond customers can add AIDA as an optional bolt-on.

What is the difference between Foundation and Advanced?[open]

Foundation has a streamlined 200-plus-module library, phishing simulation, the Phish Alert Button and basic reporting. Advanced adds the full 1,000-plus-module library, advanced reporting, unlimited Smart Groups, AI-recommended learning and AIDA.

How does KnowBe4 compare to Hoxhunt?[open]

KnowBe4 is generally less expensive at equivalent functional levels. Hoxhunt emphasises continuous-per-user-behaviour-tracking while KnowBe4 emphasises content-library breadth and its AIDA agent suite.

Is KnowBe4 effective?[open]

Yes, against bulk phishing. Published click-rate reductions of 50-70% over 24 months are well-documented. Reduction against AI-grade spear phishing is roughly half that; against AitM attacks (where lure-recognition is not the failure mode) is approximately zero.

What should I negotiate?[open]

Per-seat pricing including any volume discount above 1,000 seats, PhishER add-on bundling, multi-year-term discount, click-rate-reduction commitment, renewal-price cap, and data-residency posture.

Updated 2026-04-27