KnowBe4 Launches Custom SAPA AI Agent to Transform Security Awareness Assessments
Delivered as part of AIDA, KnowBe4’s suite of Artificial Intelligence Defense Agents, the Custom SAPA Agent represents a shift from generalized security assessments to environment-aware, organization-specific testing.
KnowBe4, the globally recognized platform for managing human and agentic AI security risks, has announced the launch of its Custom SAPA (Security Awareness Proficiency Assessment) AI Agent. Delivered as part of AIDA, KnowBe4’s suite of Artificial Intelligence Defense Agents, the Custom SAPA Agent represents a shift from generalized security assessments to environment-aware, organization-specific testing.
For years, organizations have relied on standardized assessments such as KnowBe4’s SAPA to gauge baseline user security knowledge. However, as security programs advance, there is a growing need for assessments that reflect an organization’s unique policies, technologies, and workflows. The Custom SAPA Agent addresses this by leveraging information about a company’s security stack and industry context to generate tailored questions that mirror real-world security practices within that specific environment.
“Our goal with the Custom SAPA Agent is to eliminate the guesswork security leaders face when trying to justify training and remediation efforts. Decisions are often made using generalized assessment data that doesn’t reflect an organization’s true internal reality. This lack of specific data creates obstacles for security teams, leading to friction when they need to secure investments, set remediation priorities, or communicate risk. We provide the precise data teams require to confidently articulate their security posture.”
– Bryan Palma, CEO, KnowBe4
The Custom SAPA Agent offers several key features, including:
- Organization-Specific Precision: Assessment questions are generated based on the organization’s real environment rather than a fixed question set.
- Admin Control: Administrators can review and curate questions to ensure relevance for their workforce.
- Granular Risk Insights: Per-question analytics reveal learner engagement with security concepts and highlight priority risk areas.
- Actionable Training Roadmaps: Outcomes directly inform targeted Security Awareness Training (SAT), ensuring follow-up training is data-driven and aligned with actual risks.
“The Custom SAPA Agent transforms the traditional assessment from a general proficiency check into a diagnostic instrument designed to identify the knowledge gaps that matter most to an organization’s specific risk profile. By aligning questions to the organization’s real-world controls and policies, we are giving security leaders the opportunity to create training programs that address their high-priority risks.”
– Greg Kras, Chief Product Officer, KnowBe4
The development of the Custom SAPA Agent builds on more than five years of usage data from over 50,000 organizations and five million SAPA completions, allowing KnowBe4 to refine its proven framework into a more adaptive, intelligent tool for IT and InfoSec leaders.
The Custom SAPA Agent is now available to customers with an AIDA subscription, providing organizations with a smarter, more precise way to measure and improve security awareness across their teams.
