# RansomLeak > B2B security awareness training platform delivering interactive 3D cybersecurity simulations, gamified learning, and SCORM-compliant packages for enterprise organizations. Founded in 2024 in Estonia by the creator of Kontra Application Security Training. RansomLeak builds immersive, scenario-based security training that employees actually complete. The platform covers phishing, ransomware, social engineering, vishing, smishing, business email compromise, deepfake whaling, USB drop attacks, AI prompt injection, and GDPR compliance. Training is delivered as SCORM packages for any LMS or through a standalone cloud platform with SSO, analytics, and white-labeling. ## Platform & Product - [Homepage](https://ransomleak.com/): Security awareness training with interactive 3D simulations, gamification, and enterprise deployment options - [Platform Features](https://ransomleak.com/features/): Interactive 3D simulations, real-time analytics, SSO/MFA, gamification, custom content, and compliance reporting for SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and NIS2 - [SCORM Integration](https://ransomleak.com/scorm/): Full SCORM 1.2 and 2004 compliance with one-click export for Moodle, Cornerstone, Workday, SAP SuccessFactors, Docebo, Canvas, Blackboard, and 50+ LMS platforms - [Free Exercise Library](https://ransomleak.com/learning/): 14+ free cybersecurity exercises covering phishing, ransomware, AI security, USB drop attacks, and more with no sign-up required - [Partnership Program](https://ransomleak.com/partners/): MSSP and technology partnerships with white-label training, API integration, and revenue sharing ## Free Interactive Exercises - [Phishing Detection](https://ransomleak.com/exercises/phishing): Identify and respond to phishing emails in a realistic simulation - [Ransomware Response](https://ransomleak.com/exercises/ransomware): Handle a live ransomware attack scenario and learn containment steps - [Social Engineering](https://ransomleak.com/exercises/social-engineering): Recognize manipulation tactics used in social engineering attacks - [Vishing (Voice Phishing)](https://ransomleak.com/exercises/vishing): Detect phone-based social engineering in simulated voice calls - [Smishing (SMS Phishing)](https://ransomleak.com/exercises/smishing): Spot fraudulent text messages and SMS-based attacks - [Business Email Compromise](https://ransomleak.com/exercises/business-email-compromise): Prevent CEO fraud, invoice manipulation, and account compromise - [Barrel Phishing](https://ransomleak.com/exercises/double-barrel-phishing): Defend against two-stage phishing attacks that bypass spam filters - [Deepfake Whaling](https://ransomleak.com/exercises/whaling-with-a-deepfake): Identify deepfake-powered executive impersonation attacks - [Data Leakage Prevention](https://ransomleak.com/exercises/data-leakage): Protect sensitive data from accidental or intentional leakage - [Social Media Oversharing](https://ransomleak.com/exercises/social-media-oversharing): Understand how social media posts create attack vectors - [OneNote Email Attack](https://ransomleak.com/exercises/onenote-email-attack): Detect malicious OneNote attachments used to deliver malware - [MGM Resorts Breach Case Study](https://ransomleak.com/exercises/mgm-resorts-security-breach): Analyze the real-world MGM Resorts cyberattack and its social engineering tactics - [USB Drop Attack](https://ransomleak.com/exercises/usb-drop-attack): Respond safely to suspicious USB devices found in the workplace - [AI Prompt Injection](https://ransomleak.com/exercises/clawdbot-prompt-injection): Learn how prompt injection attacks target AI assistants and chatbots ## GDPR Compliance Exercises - [Marketing Consent Management](https://ransomleak.com/exercises/gdpr-marketing-consent-management): Handle GDPR consent for marketing communications - [Data Breach Response](https://ransomleak.com/exercises/gdpr-data-breach-response): Execute proper breach notification under GDPR timelines - [Privacy by Design Review](https://ransomleak.com/exercises/gdpr-privacy-by-design-review): Evaluate systems for GDPR privacy-by-design compliance - [DSAR Processing](https://ransomleak.com/exercises/gdpr-legitimate-dsar-processing): Process data subject access requests correctly - [PII Document Redaction](https://ransomleak.com/exercises/gdpr-pii-document-redaction): Redact personally identifiable information from documents - [Fraudulent DSAR Detection](https://ransomleak.com/exercises/gdpr-fraudlent-dsar-detection): Identify and handle fraudulent data subject requests - [Third-Party Processor Vetting](https://ransomleak.com/exercises/gdpr-third-party-data-processor-vetting): Evaluate third-party data processors for GDPR compliance - [Security Incident Response](https://ransomleak.com/exercises/gdpr-security-incident-response): Manage security incidents within GDPR requirements - [Cross-Border Data Transfers](https://ransomleak.com/exercises/gdpr-cross-border-data-transfers): Navigate cross-border data transfer rules and mechanisms - [Data Protection Impact Assessment](https://ransomleak.com/exercises/gdpr-data-protection-impact-assessment): Conduct Data Protection Impact Assessments - [Data Mapping & Records of Processing](https://ransomleak.com/exercises/gdpr-data-mapping-and-records-of-processing): Create and maintain records of processing activities ## Blog & Guides - [Security Awareness Training: The 2026 Guide](https://ransomleak.com/blog/security-awareness-training-guide/): Implementation strategies, ROI measurement, and interactive training methods that build a human firewall - [Does Security Awareness Training Work? What 47 Studies Say](https://ransomleak.com/blog/security-awareness-training-effectiveness/): Analysis of 47 peer-reviewed studies on awareness training ROI and what actually changes employee behavior - [12 Common Cybersecurity Training Exercises](https://ransomleak.com/blog/cybersecurity-awareness-exercises/): Proven exercises that cut phishing clicks by 80%, including phishing simulations, tabletop scenarios, and a 90-day rollout plan - [15 Cyber Security Activities for Employees](https://ransomleak.com/blog/cyber-security-activities-for-employees/): Hands-on team activities that turn awareness into action with time estimates, materials, and facilitator notes - [Building a Human Firewall](https://ransomleak.com/blog/human-firewall-training/): Strategies for creating a security culture where employees actively protect your organization - [Phishing Simulation Training Guide](https://ransomleak.com/blog/phishing-simulation-training/): How phishing simulation training works and why it outperforms passive awareness content - [How to Spot Phishing](https://ransomleak.com/blog/phishing-detection/): Visual and technical signs that reveal phishing websites and emails - [Barrel Phishing: Two-Stage Attacks](https://ransomleak.com/blog/barrel-phishing/): How barrel phishing bypasses spam filters by sending a harmless email before the real attack - [Vishing Attacks Explained](https://ransomleak.com/blog/vishing-awareness/): How voice phishing exploits phone conversations and why it fools even trained employees - [Smishing Attacks Explained](https://ransomleak.com/blog/what-is-smishing-cybersecurity/): How text message phishing works and organizational defense strategies - [Whaling Attacks on Executives](https://ransomleak.com/blog/what-is-whaling-cybersecurity/): Why C-suite executives are prime targets and how to protect high-value individuals - [Social Engineering Attacks](https://ransomleak.com/blog/social-engineering-attacks/): How hackers exploit human psychology with real examples and defense strategies - [Business Email Compromise Training](https://ransomleak.com/blog/bec-training/): Preventing million-dollar wire fraud from CEO fraud, invoice manipulation, and account compromise - [Email Security Training Guide](https://ransomleak.com/blog/email-security-training/): Protecting organizations from phishing, BEC, and email-based threats through effective training - [Mobile Security Training](https://ransomleak.com/blog/mobile-security-training/): Protecting remote and mobile workers from smishing, mobile phishing, and BYOD security risks - [Compliance Training for Regulated Industries](https://ransomleak.com/blog/compliance-training/): Meeting HIPAA, PCI DSS, SOC 2, GDPR, ISO 27001, and NIST requirements through employee training - [Free Security Awareness Training Resources](https://ransomleak.com/blog/free-security-awareness-training/): Quality free training options, their limitations, and when to upgrade to enterprise solutions - [SCORM Security Training: LMS Integration Guide](https://ransomleak.com/blog/scorm-security-training/): Deploying security training to any LMS with SCORM 1.2 vs 2004 comparison and setup guides - [Open Source LMS for Security Training](https://ransomleak.com/blog/open-source-lms-security-training/): Moodle, Canvas, and Open edX compared for SCORM security training with real cost analysis - [KnowBe4 Alternatives Compared](https://ransomleak.com/blog/knowbe4-alternatives/): Top security awareness training platforms compared by features, pricing, and use cases - [AI Coding Assistant Security Risks](https://ransomleak.com/blog/ai-coding-assistant-security-risks/): Prompt injection, data exfiltration, and security risks from AI coding tools that most organizations overlook - [Clawdbot (Moltbot) Security Risks](https://ransomleak.com/blog/clawdbot-security-risks/): Critical vulnerabilities in Clawdbot including plaintext credential storage, prompt injection, and infostealer targeting ## Company - [About RansomLeak](https://ransomleak.com/about-us/): Founded in Estonia by Dmytro Koziatynskyi (CEO) and Maksym Khamrovskyi (CMO), previously creators of Kontra Application Security Training - [Contact & Demo](https://ransomleak.com/contact-us/): Request a personalized demo or get an enterprise training quote with typical response within 24 hours - [Learning Platform](https://learning.ransomleak.com): Standalone cloud LMS with user management, analytics, campaign management, and SSO ## Optional - [Security & Compliance](https://ransomleak.com/security-compliance/): Enterprise-grade security with GDPR compliance, encryption, and alignment with NIST, SOC 2, and NIS2 frameworks - [Privacy Policy](https://ransomleak.com/privacy-policy/): Data protection practices and GDPR compliance details - [Terms of Service](https://ransomleak.com/terms-of-service/): Terms governing use of the platform and services