What is SKALES and how does it work?

SKALES business staff collaborative boxes

SKALES is a multi modular solution, providing security fixes to existing email-based security gaps.
SKALES is available for both Microsoft O365 and Google’s G Suite, working seamlessly across both providers.
It also works well with other security providers, such as Mimecast or Proofpoint, providing an additional security layer.

There are two main elements to SKALES:

  • SKALES in the Mailbox
  • SKALES in the Cloud

SKALES is deployed through Office 365 or G Suite, directly into staff mailboxes. This ‘touch-point’ allows SKALES to interact with staff, providing benefits such as training and nudging.

Training available consists of videos, literature and quizzes, made available within the mailbox and capturing training statistics for security teams.

But SKALES is much more than training, with additional features such as enhanced phish reporting. With these capabilities identification of suspicious mail is swiftly categorised reducing the noise received by security teams, enabling quick focus on threats and spam.

Built upon psychology-based research in human behaviours, gamification was added to reward staff for interaction and improving overall engagement. This interaction provides security teams with cultural statistics, further identifying areas of risk.

Security teams, managers, CISOs, incident responders, and SOC analysts can access valuable data and triage accordingly with SKALES dashboard. API access is also available, allowing security teams to automate and utilising a SOAR model.

Start today by simply signing up for free. Quickly and easily upgrade (or downgrade) within your SKALES dashboard.


SKALES provides a multi-modular solution for organisations using Microsoft O365. Quickly and easily authorise and deploy through Microsoft Office and Azure platforms, leaving you in control of permissions, and SKALES with complex configuration!

Utilising Microsoft’s O365 technology stack, updates are automatic and no additional desktop software or end user websites are required. Whether using Outlook on desktop or in the browser, SKALES seamlessly works in both, which means not just Edge or Windows! Mac is supported through MS Office for Mac. Keeping it simple and secure.


Unlike many competitors, we recognise not all organisations are bound to the Microsoft stack. While many organisations may exclusively use G Suite, there are also many organisations that are split across email providers. SKALES operates across multiple providers seamlessly, providing protection for all. As an example, where staff on the Microsoft stack report a threat those within G Suite offering gain the benefit, and vice versa.

SKALES Guardian develops a community of defenders within your organisation, establishing a powerful human-layer that works irrespective of which email provider is used.


Whether customers are asking for it, professional bodies are demanding it, or your organisation are keen to adopt it, compliance to standards are critical to many businesses, especially security compliance. Organisations seeking to acquire accreditation such as SOC2, ISO27001, or NCSC Cyber Essentials are typically mandated to provide security training. SKALES rapidly deploys and starts providing security training, supporting adoption of accreditation.
security compliance

Staff buy-in

Security can be difficult to adopt within any organisation. SKALES encourages staff with security adoption with 3 techniques:

  • Simplicity
  • Gamification
  • Awareness

Technology can be frustrating, but by reducing effort needed to identify and report, SKALES aims to reduce that burden.

Built-on human psychology research, SKALES adoption of gamification encourages staff engagement through enjoyment and rewards.

Telling staff cybercriminals are bad periodically does little to change the mindset. But by using features such as nudging of suspicious messages or reporting on cyber threat news supports staff to understand the degree of threat facing their organisation.


Staff Susceptibility

An organisations staff, no matter how brilliant they are, they are only human. Given that most staff are busy working to a deadline, completing that document whilst rushing to a meeting, it is no surprise they may fall foul to phishing. In addition, security is a lower priority, deadlines, personal worries and interests do take a higher priority in most individuals conscious and unconscious thought or actions. This is how cybercriminals are successfully attacking millions of businesses and one of the reasons why staff click dangerous links.

Staff susceptibility is a fantastic metric to understand the risk of the human-layer. Today, the best way to gain that metric is to perform simulated phishing tests. The NCSC has previously discouraged such types of tests, lowering trust and moral within an organisation. There have been numerous use cases for where this has gone horribly wrong and having the opposite effect in further securing the business. But SKALES has another way.

Whilst SKALES provides a phishing simulation and templates to correctly administer such tests, SKALES also provides the metric of staff susceptibility through SKALES Guardian and using real live data. Using community driven activity and security professional input, SKALES provides an understanding into your staff susceptibility through engagement and accuracy ratings. These metrics provide a means to measure your security awareness programme and help further reduce risk.

phishing mail

Incident Response

Something has gone wrong, and speed and efficiency is needed to reduce the impact. Analysts need to quickly identify the source of the incident and be provided essential information to further discover additional threat vectors.

SKALES administrator dashboard and API capability provides analysts with crucial data to support the identification of infection and swift remediation. There are three use cases to follow; User reported messages, SKALES reported messages, or threat hunting.

User reported messages provides that human-layer and flag suspicious messages. With SKALES enhanced reporting, users can identify and categorise threat, providing analysts with a starting point of why a message was reported.

SKALES continuously identifies suspicious messages, and with the community of defenders, even individuals not associated to your organisation can flag threats. Messages can be ordered through threat scores, allowing analysts to focus on the greatest threats.

Analysts may have received intelligence such that an IOC (Indicator of Compromise) is known to be targeting their organisation. They can use such intel within SKALES to hunt for IOCs and identify undetected threats.

SKALES also supports the swift remediation of threats. Analysts can remove dangerous messages from staff mailboxes with a few clicks, such that malspam maybe sending numerous messages within an organisation, SKALES can remove that message from all staff mailboxes.

security incident response

Subscribe for more