Everything teams want to know before rolling out train2secure — trial access, pricing, plans, phishing simulations, compliance and security.
Getting your team into the first lesson.
Sign-up to first lesson takes under five minutes. There are no demos, no sales calls and no procurement queue — choose a plan, create your account, invite your team (CSV bulk import or one-by-one), and they can start the first video immediately.
Yes — two of them, both completely free with no credit card required. (1) The Free Training Trial gives you a complete, multi-module training course — not just a single lesson — with the timed quizzes and the same sample completion certificate your team would earn on a paid plan. You pick which country edition you want — United States, Australia, United Kingdom or Canada — and each one is purpose-built for that nation's own laws and standards (New Zealand and the EU are coming soon). (2) The Free Phishing Risk Assessment runs a real phishing simulation against your own staff and emails you a board-ready executive PDF risk report, usually within 24 hours of launch. Pick whichever fits what you're evaluating at /free-trial, or contact us if you'd like a longer evaluation.
Yes. You can invite users one-by-one or upload a CSV with their names and email addresses to add hundreds of learners at once. Invitations go out automatically and learners set their own passwords on first login — no manual provisioning required.
Plans, payment and what happens at renewal.
You pay only for the active user licences you need, billed monthly or yearly. Volume discounts apply automatically at checkout: 10% off from 16 users, 20% from 26, and 30% from 51. There is a 5-licence minimum and no maximum until 500 (contact us above that).
Yes. There is no lock-in contract on any plan. You can cancel from your account settings or by contacting support at any time. Cancelling stops future renewal charges; you keep access until the end of the period you've already paid for.
All major credit and debit cards (Visa, Mastercard, American Express) and bank transfers, all processed securely via Stripe. Stripe handles regional payment methods automatically based on your country at checkout. Annual invoicing is available on the Managed plan — get in touch.
Yes — every plan includes a 30-day money-back guarantee. If train2secure isn't right for your organisation in the first 30 days, email us and we'll process a full refund. Subject to standard terms — see our refund policy for details.
What every paid plan includes, and how Pro and Managed differ.
Pro is fully self-serve — your admins run campaigns and assign training. Managed means our team handles everything for you: setup, user onboarding, phishing campaigns, reminders, monthly executive reports and a dedicated account manager. Same training catalogue, zero admin overhead.
Phishing simulations are included on the Pro and Managed plans. You get 29 realistic brand-impersonation templates (Microsoft, Google, DocuSign and more), full click and report tracking, and automatic follow-up training for users who fall for a campaign.
Yes. On every paid plan, every learner receives a downloadable PDF certificate when they finish a module — including a unique verification ID, the module title, the standards it maps to, and the completion date. The free Training Trial issues a sample certificate so you can preview the design and format that paying customers' staff receive (it's not an auditor-grade compliance record itself — verified certificates with audit codes are issued automatically once you're on a paid plan).
The frameworks we map to and the proof your auditors ask for.
We publish a separate course edition for each country, each built to that nation's own laws and regulators so your staff learn the rules that actually apply to them. United States: HIPAA, SOX, NIST CSF 2.0, CCPA and the FTC Safeguards Rule. Australia: the Privacy Act and APPs, the Essential Eight (ACSC), APRA CPS 234 and the Notifiable Data Breaches scheme. United Kingdom: UK GDPR, the Data Protection Act 2018, Cyber Essentials and NCSC guidance. Canada: PIPEDA, Quebec's Law 25 and CCCS guidance. New Zealand (Privacy Act 2020, NZISM) and the European Union (GDPR, NIS2, DORA) editions are coming soon. Universal frameworks — ISO 27001:2022, CIS Controls v8.1 and PCI DSS 4.0 — run through every edition. The /standards page shows exactly which controls each course supports.
Yes. Every plan includes a one-click Cyber-Insurance Training Report: a per-person table with each learner's name, email, department, courses completed (with dates) and 12-month phishing simulation click rate — plus a full per-campaign history. Pair it with our HMAC-signed verify URL + QR code so your broker can confirm the figures haven't been altered. The report covers the security-awareness section of cyber-insurance underwriting questionnaires; you'll still need other tooling for MFA, patching, backups, and incident response. You can revoke any signed snapshot at any time.
Every Company Admin can generate a Cyber-Insurance Training Report PDF from the Reports panel in one click. It contains: a per-person table — one line per active learner — with name, email, department, courses completed (n / total), most recent completion date, the last course they finished, and their phishing simulation click rate; a 12-month phishing send / click trend chart; and a full per-campaign history table with dates, recipients, opens, clicks, and click rate. The PDF is downloadable, can be emailed straight to your broker, and is paired with an HMAC-signed verify URL + QR code so figures are tamper-evident. It covers the training & awareness section of cyber-insurance questionnaires — not the technical-controls section (MFA, patching, EDR, backups, IR plan) which lives in other tooling.
Can't find what you're looking for? Get in touch with us
Looking for prices? See pricing & plans
Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.
