Fable 1st Party Behaviors

1. Phishing Simulation Failure Rate

Purpose: Identifies "click-prone" employees by tracking failure rates over time rather than isolated incidents.

• Configurable Thresholds:

  • Lookback: 30, 60, 90, 180, or 365 days.

  • Failure Rate: 20%, 40%, or 60%.

  • Min. Simulations: 1, 3, or 5.

2. Briefing Incomplete

Purpose: Identifies employees who consistently ignore nudges and video briefings.

• How it works: Tracks the ratio of incomplete briefings against total deliveries.

• Configurable Thresholds: 30–90 day lookbacks with 20%–60% incompletion rates.

3. Compliance Training Overdue

Purpose: A snapshot of current "Day 0" risk—employees who are currently non-compliant with mandatory courses.

• How it works: Provides a daily snapshot of overdue assignments.

• Thresholds: Can flag employees with 1, 3, or 5+ currently overdue courses.

• Filtering: Admins can look at Active assignments only or Any historical overdue status.

Out of the Box Cohorts

Your Fable tenant comes out of the box with the following cohorts. If you wish to further configure these cohorts, please reach out to your Technical Account Manager.

• Repeat phishing offenders: Automatically groups employees who have failed 40% or more of their simulations over the last year (with at least 3 simulations completed).

• Employees with low briefing engagement: Targets users with a 40% or higher briefing incompletion rate over the last 90 days.

• Employees with overdue compliance: Identifies any employee who currently has at least one active compliance course past its due date.