Skip to main content

Navigation

Catalogue

Security Awareness Privacy & Compliance AI & LLM Security Real-World Incidents
Application Security Soon
API Security Soon
Cloud Security Soon

Features

Interactive 3D Training SCORM Cloud LMS Human Risk Score Risk-Based Automation All features

Simulations

Phishing Simulations Smishing Simulations
Vishing Simulations Soon

Company

Partners About Us Blog

Legal

Security & Compliance Privacy Policy Terms of Service
English Українська
Book a Demo

Security Awareness Training Your Team Completes

Immersive 3D simulations instead of boring videos and dull slides. Ready for any LMS.

Try Exercise Library

Trusted by teams at

Exercise Library

Free interactive cybersecurity exercises to build your human firewall. Practice phishing, ransomware, AI threats, and compliance scenarios. No sign-up required.

Browse 100+ exercises across 4 categories
Bring this training to your team

Microlearning Drills

Short, repeatable reps you run live, right in the page. Click any preview to start the drill.

Demo coming soon Deepfake Drill 3 min Synthetic Executive Video Tell a real executive recording from a generated one before you act on its instructions.

Author your own drills inside your tenant. Every customer ships unlimited drills tuned to their threat surface.

Mapped to your compliance program

Every exercise produces audit-ready evidence your team can hand to an auditor.

SOC 2 ISO 27001 HIPAA GDPR PCI DSS NIS2 EU AI Act

Inside the platform

The control room your security team signs into. Built to ship training, prove it ran, and hand receipts to an auditor.

Tenant analytics dashboard showing 17d 12h total time, 5h 50m per user, and a 30-day activity chart
Quiz Analytics page showing 81% average score, 76% pass rate, 1028 attempts, and a hardest-questions list
Campaign list showing multiple training waves with status badges and per-campaign completion percentages
AI Tools Safety Onboarding campaign detail showing 91 participants, 23% completion, 50.9% average progress, with tabs for overview, participants, content, screenshots, analytics, and audit log
Users page showing 128 total licenses, 113 redeemed, 5 available, 10 pending invites, with a per-user role and team list
Teams management page listing Product, Sales, Customer Success, Engineering, HR, Finance, IT & Security, Legal, Operations, and Marketing with assigned managers
Compliance evidence dashboard with framework cards for SOC 2, ISO 27001, HIPAA, NIST CSF and others, each showing completion percentages
Report builder with Tenant, Course, and Campaign report types, team filter, framework badges including SOC 2, ISO 27001, HIPAA, PCI DSS, NIST CSF, GDPR, and PDF / CSV format toggles
SCORM Packages admin page listing pre-built SCORM exports for Workday, Cornerstone, SAP SuccessFactors, Moodle, Docebo, Canvas, Blackboard and TalentLMS with version, size, and status columns
Custom Content library listing internal uploads such as an Incident Response Walkthrough video, Custom Phishing Simulation SCORM, Acme Corp AUP, Employee Handbook PDF, Office Floor Plan image, and Quarterly All-Hands recording, each with file type, size, status, and upload date
Learner-facing course catalog grouped by Privacy and Compliance and Security Awareness, with cards showing course icons, descriptions, and progress bars
Achievements page for a learner showing unlocked and locked badges grouped by rarity
  1. Tenant analytics dashboard showing 17d 12h total time, 5h 50m per user, and a 30-day activity chart
    01 / 12 Real-time analytics

    See human risk move, in real time.

    Tenant-wide time-spent, average per user, and active-campaign rollups update the moment a learner finishes. Filter by user, team, or date range without leaving the page.

    • Daily activity timeline with rolling windows
    • Active and recent campaigns at a glance
    • Slice by team, role, or individual
  2. Quiz Analytics page showing 81% average score, 76% pass rate, 1028 attempts, and a hardest-questions list
    02 / 12 Quiz analytics

    Find every knowledge gap, then close it.

    Per-question results from every quiz attempt. See exactly which questions your workforce keeps missing.

    • Question-level correct/incorrect tracking
    • Hardest-questions ranked across the org
    • Trend lines by course, team, and time
  3. Campaign list showing multiple training waves with status badges and per-campaign completion percentages
    03 / 12 Campaign builder

    Plan training waves end to end.

    Set deadlines and grace periods, target by team or role, and let automatic reminders chase the stragglers.

    • Recurring rollouts with deadline extensions
    • Auto-escalation to managers when at risk
    • Recognition windows that backfill prior completions
  4. AI Tools Safety Onboarding campaign detail showing 91 participants, 23% completion, 50.9% average progress, with tabs for overview, participants, content, screenshots, analytics, and audit log
    04 / 12 Per-campaign tracking

    Track every cohort, all the way to done.

    Each campaign gets its own room: roster, analytics, and a full audit log. Drill from the full cohort down to a single stalled learner.

    • Live completion + average progress per cohort
    • At-risk flagging the moment a deadline slips
    • Full audit log of every change, by whom
  5. Users page showing 128 total licenses, 113 redeemed, 5 available, 10 pending invites, with a per-user role and team list
    05 / 12 Users & licenses

    Every seat, every license, in view.

    Filter by team or role, then bulk-invite, disable, or hand off seats without ever overshooting your contract.

    • Live license utilisation and pending-invite count
    • Inline role + team + manager assignment
    • CSV bulk import and SCIM auto-provisioning
  6. Teams management page listing Product, Sales, Customer Success, Engineering, HR, Finance, IT & Security, Legal, Operations, and Marketing with assigned managers
    06 / 12 Teams & managers

    Mirror your org chart.

    Each manager sees their own direct reports, and gets pinged the moment one of them falls behind on training.

    • Manager view scoped to direct reports
    • At-risk and missed-deadline alerts
    • External-id mapping for HRIS sync
  7. Compliance evidence dashboard with framework cards for SOC 2, ISO 27001, HIPAA, NIST CSF and others, each showing completion percentages
    07 / 12 Compliance evidence

    Framework-mapped evidence, on demand.

    Every completion maps to the controls it satisfies. SOC 2, ISO 27001, HIPAA, NIST CSF, and 21 more, all live.

    • 25 frameworks mapped out of the box
    • Per-framework completion percentages
    • Vanta and Drata streaming integrations
  8. Report builder with Tenant, Course, and Campaign report types, team filter, framework badges including SOC 2, ISO 27001, HIPAA, PCI DSS, NIST CSF, GDPR, and PDF / CSV format toggles
    08 / 12 Reports & exports

    Auditor-ready exports in one click.

    Tenant, course, or campaign reports. Filter by team and pick from 25 compliance frameworks. PDF or CSV.

    • Filter by team and framework before export
    • Scheduled monthly delivery to GRC inboxes
    • Per-user and per-cohort report formats
  9. SCORM Packages admin page listing pre-built SCORM exports for Workday, Cornerstone, SAP SuccessFactors, Moodle, Docebo, Canvas, Blackboard and TalentLMS with version, size, and status columns
    09 / 12 SCORM packages

    Ship every exercise as a SCORM package.

    Export any course or exercise as a SCORM 1.2 or 2004 zip, then drop it into Workday, Cornerstone, Moodle, or any LMS you already pay for.

    • One-click export from any course or exercise
    • SCORM 1.2 and 2004 (3rd edition) both supported
    • Tested across 50+ enterprise LMS platforms
  10. Custom Content library listing internal uploads such as an Incident Response Walkthrough video, Custom Phishing Simulation SCORM, Acme Corp AUP, Employee Handbook PDF, Office Floor Plan image, and Quarterly All-Hands recording, each with file type, size, status, and upload date
    10 / 12 Custom content

    Mix in your own policies, videos, and SCORM.

    Upload internal SOPs, employee handbooks, or your own SCORM packages. Drop them into learning paths next to off-the-shelf training.

    • PDF, image, video, and SCORM 1.2 / 2004 uploads
    • Step into any learning path alongside our content
    • Per-user tracking and completion in one place
  11. Learner-facing course catalog grouped by Privacy and Compliance and Security Awareness, with cards showing course icons, descriptions, and progress bars
    11 / 12 Learner experience

    An LMS your workforce will actually use.

    A clean catalogue, visible progress, and certificates issued the moment a course is done. Multilingual support so every employee learns in the language they think in.

    • Self-serve enrolment with clear progress
    • Automatic certificate issuance
    • Multilingual learner experience
  12. Achievements page for a learner showing unlocked and locked badges grouped by rarity
    12 / 12 Achievements & streaks

    Gamification that actually drives completion.

    Unlockable achievements, rarity tiers, and a daily streak counter turn training into something learners come back to instead of avoid.

    • Achievements unlocked across the learner journey
    • Rarity tiers that make milestones feel earned
    • Daily streak counter learners protect on their own

Built for enterprise IT

How RansomLeak plugs into the identity, LMS, and security tooling you already run.

See all features

Plugs into your security stack

SSO, SCIM, and SIEM out of the box. Sign in with your IdP, provision from your HRIS, and stream every training event into your SOC pipeline.

  • SAML 2.0 and OIDC SSO with any IdP
  • SCIM 2.0 auto-provisioning from HRIS
  • Webhooks to Splunk, Datadog, and Sentinel
Learn more
Plugs into your security stack feature visualization

SCORM Integration

Upload to your LMS with full SCORM 1.2 & 2004 support.

  • Works with your existing LMS infrastructure
  • No custom development required
  • Zero IT overhead for deployment
Learn more
SCORM Integration feature visualization

Dedicated Multi-Tenant Architecture

Secure, isolated environments with complete customization.

  • Complete data segregation per tenant
  • White-label with your branding
  • Role-based access controls & compliance
Learn more
Dedicated Multi-Tenant Architecture feature visualization
Interactive 3D Simulations SCORM Compliance Real-Time Analytics Gamification Elements Custom Content Content Uploads Multilingual Training Custom Learning Paths Campaigns Phishing Simulations Smishing Simulations Vishing Simulations Soon Single Sign-On (SSO) Multi-Factor Authentication (MFA) Reminders Reports Tenant Whitelabeling Teams Role-Based Access Control SIEM Export Slack & Teams Calendar Integration IP Whitelisting
Add-on

Phishing Simulations

Test your workforce against realistic phishing attacks delivered through direct mailbox injection. Track the full funnel from delivery to credential submission, and auto-assign targeted training to employees who click.

  • M365 and Google Workspace direct injection bypasses spam filters
  • Outlook and Gmail reporter buttons capture real-time employee reports
  • Full-funnel analytics: delivered, opened, clicked, credentials, reported
  • Auto-remediation assigns exercises to employees who fail simulations
Explore phishing simulations
Phishing email template preview showing a Microsoft 365 credential harvest lure with template library sidebar
Add-on

Smishing Simulations

Test your workforce against SMS phishing, the channel with no email gateway in front of it. Send realistic but harmless text lures over a real SMS transport, measure who taps and who reports, and route the rest into targeted training.

  • Real SMS delivery gated to business hours and carrier rate limits
  • Per-recipient tap and REPORT-reply tracking via signed, time-limited tokens
  • Full-funnel analytics: sent, delivered, clicked, submitted, reported
  • Auto-remediation enrolls anyone who taps the lure into targeted lessons
Explore smishing simulations
Smishing campaign editor with the SMS channel selected and a package-delivery text template ready to send

Why RansomLeak?

Human Risk Management training employees complete because they want to, not because HR makes them.

01

Learn by Doing

Master threat recognition through hands-on 3D simulations. Practice split-second security decisions in realistic scenarios covering phishing, ransomware, social engineering, and more.

Learn more
02

Actually Engaging

Forget compliance checkbox videos. Our gamified 3D simulations turn security awareness into an experience employees actually want to complete.

Learn more
03

Comprehensive Topics

Phishing, ransomware, social engineering, AI security, GDPR compliance, incident response, and dozens more. Cover the full threat landscape with training from beginner to expert.

Learn more
04

Made by Industry Veterans

Created by the team behind Kontra Application Security Training. Real-world security expertise distilled into training that actually changes behavior.

Learn more

Latest blog articles

Practical guides on phishing, AI security, and awareness training. Written by the team behind the exercises.

Read all posts
AI literacy training under EU AI Act Article 4 shown as an open book and brain with a checkmark inside a circle of EU stars

AI Literacy Training: Meeting EU AI Act Article 4

EU AI Act Article 4 requires AI literacy for everyone who uses AI at work. See what the duty covers, who it reaches, and how to train staff to meet it.

Read the article
EU AI Act deepfakes shown as a face split between a real photo and a synthetic wireframe with an Article 50 label tag inside a circle of EU stars

Deepfakes and the EU AI Act: Article 50 Transparency

The EU AI Act regulates deepfakes through Article 50 transparency duties. See what must be disclosed, who is responsible, and how to train teams to label synthetic media.

Read the article
EU AI Act and GDPR shown as two interlocking rings sharing a common core inside a circle of EU stars

EU AI Act and GDPR: Where the Two Laws Overlap

The EU AI Act and GDPR apply at the same time. See where the two laws overlap, where they differ, and how to train one team to satisfy both at once.

Read the article

Frequently Asked Questions

Everything you need to know about deploying enterprise security awareness training

  • What is Human Risk Management?

    Human Risk Management (HRM) measures and reduces the cyber risk that comes from employee behavior. It replaces one-off compliance videos with hands-on simulations, behavioral analytics, and role-specific coaching. Verizon's 2024 Data Breach Investigations Report found that 68% of breaches involve a human element.

    RansomLeak is a browser-based HRM platform. Interactive 3D simulations cover phishing, ransomware, social engineering, vishing, smishing, business email compromise, deepfake whaling, AI prompt injection, GDPR, and the EU AI Act. Training ships as SCORM 1.2 / 2004 packages for any LMS, or runs on the RansomLeak cloud with SSO, analytics, and campaign management.

    Dmytro Koziatynskyi and Maksym Khamrovskyi founded RansomLeak in 2025 in Tallinn, Estonia. The platform has 100+ free exercises with no sign-up and produces compliance reports for SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, the EU AI Act, and NIS2.

  • How does RansomLeak integrate with our existing Learning Management System?

    RansomLeak supports SCORM 1.2 and SCORM 2004, tested with 50+ LMS platforms including Moodle, SAP SuccessFactors, Cornerstone, Workday, Docebo, Canvas, Blackboard, and 360Learning. Each exercise exports as a SCORM package in one click.

    Your LMS handles progress tracking, completion, and scores. Exercises run inside your LMS with no external calls, which handles data residency. Offline packaging is available for air-gapped networks.

  • Can we customize training content to align with our organizational policies?

    Pick from scenario packs for healthcare, finance, retail, and government. Set up per-department curricula for engineering, HR, and executive teams. For unique threat profiles, our content team builds custom exercises around your attack surface and operations.

    You can also upload your own materials directly: PDFs, presentations, videos, images, and third-party SCORM packages all live alongside RansomLeak exercises in a single content library.

  • What analytics and reporting capabilities are available for administrators?

    A real-time analytics dashboard shows completion rates by department, team, or individual. Knowledge assessment scores track comprehension across topics like phishing identification and data handling.

    All reports are audit-ready and formatted for SOC 2, ISO 27001, and HIPAA compliance. Data exports are available in PDF, CSV, and Excel. Scheduled automated reports can be delivered weekly or monthly.

  • How scalable is the platform for organizations with thousands of employees?

    Runs on AWS with auto-scaling for 50 to 50,000+ employees. Multi-tenant setup keeps each org's data isolated. Import users by CSV, sync through SCIM, or auto-enroll through the API.

  • How frequently is training content updated to address emerging threats?

    New training content ships monthly, with additional updates for significant threat developments. Recent additions cover AI-powered phishing, deepfake social engineering, QR code phishing (quishing), and business email compromise.

    A content review board of active security researchers validates every exercise before release. Existing exercises are updated to reflect the latest tactics documented in frameworks like MITRE ATT&CK.

Still have questions? Our team is here to help.

Chat With Us

Open in new tab
Isometric view of the 3D training room Desktop only

Best experienced on desktop

Our immersive 3D training room is built for larger screens. On a phone you get a simplified version of the tour.

  • 3D room
  • Widgets
  • Simulation

For the full experience, visit on desktop