KnowBe4 debuts AI agent for tailored cyber training

KnowBe4 has launched an AI-powered Custom SAPA agent that generates security awareness assessments tailored to an organisation's policies, technologies and controls.

The product is part of AIDA, KnowBe4's Artificial Intelligence Defence Agents suite. It addresses a long-running challenge in security awareness programmes: standardised tests often fail to reflect how security operates within a specific business unit, industry or toolset.

KnowBe4 positions the Custom SAPA agent as a way for security and IT teams to measure human cyber risk more precisely than general assessments. It uses organisational context-such as internal policies, the security stack and the industry environment-to build question sets. The aim is to surface knowledge gaps and provide more granular data to guide training and remediation.

Baseline assessments are often used as a quick snapshot of workforce knowledge, but can become less useful as programmes mature and organisations adopt different controls and workflows. The Custom SAPA agent shifts assessments away from a fixed list of questions toward tests that reflect local controls and day-to-day practices.

Product Detail

Administrators can review questions before they are issued, helping keep assessments relevant for specific teams and reducing the risk of testing content that conflicts with internal policy.

The agent also provides per-question response analytics, showing how learners respond to individual security concepts rather than only producing an overall score. The data can highlight trends and areas that warrant attention.

Assessment results can also be linked to follow-on training. Outcomes can inform targeted security awareness campaigns, aligning training to identified risks instead of running broad courses across the entire workforce.

Executive View

KnowBe4 CEO Bryan Palma said security leaders often struggle to justify investment decisions when they rely on generalised measurements.

"Our goal with the Custom SAPA Agent is to eliminate the guesswork security leaders face when trying to justify training and remediation efforts," said Bryan Palma, CEO, KnowBe4.

"Decisions are often made using generalised assessment data that doesn't reflect an organisation's true internal reality," Palma said. "This lack of specific data creates obstacles for security teams, leading to friction when they need to secure investments, set remediation priorities, or communicate risk. We provide the precise data teams require to confidently articulate their security posture."

Greg Kras, chief product officer at KnowBe4, described the product as a shift in how assessments function within a security awareness programme.

"The Custom SAPA Agent transforms the traditional assessment from a general proficiency check into a diagnostic instrument designed to identify the knowledge gaps that matter most to an organisation's specific risk profile," Kras said.

"By aligning questions to the organisation's real-world controls and policies, we are giving security leaders the opportunity to create training programs that address their high-priority risks," he added.

Data Foundation

KnowBe4 said it built the Custom SAPA agent using insights from more than 50,000 organisations and five million SAPA completions. It said more than five years of usage data helped refine its SAPA framework into a more adaptive approach.

KnowBe4 has marketed SAPA as a way to measure security awareness proficiency. The new agent extends that concept by applying organisational context when generating assessment content, rather than relying on a standardised question bank across customers.

The launch also reflects a broader trend among security vendors using AI agents for governance, monitoring and measurement. For awareness training suppliers, the shift has raised questions about keeping content accurate and relevant across different environments. KnowBe4's approach combines contextual question generation with an administrator review step.

The Custom SAPA agent is available to customers with an AIDA subscription, KnowBe4 said.