GoPhish Cloud - Enterprise Phishing Simulation Platform

Enterprise phishing simulation platform. One-click AWS deployment with email integration, campaign management, and analytics.

3 AWS reviews

View purchase options

Try for free

Overview

Product video

Deploy Enterprise Phishing Simulation in Minutes

GoPhish Cloud is a fully-managed, enterprise-grade phishing simulation platform that helps organizations test and improve their security awareness posture through realistic phishing campaigns.

What You Get

Complete phishing simulation platform pre-configured and ready to use
AWS-integrated deployment with EC2, RDS MySQL (optional), and Amazon SES
Unlimited phishing campaigns with scheduling and automation
Advanced analytics dashboard with real-time metrics
Email template library with customization tools
Landing page designer for capturing credentials (training)
REST API for automation and integrations
Standard support included (3-5 day response) - upgrade available

Perfect For

Security teams running regular awareness training campaigns
IT departments testing employee security awareness
Compliance teams meeting security training requirements
MSPs delivering phishing simulation services to clients
Organizations of 50-10,000+ employees

Key Features

Campaign Management

Create unlimited phishing campaigns
Schedule campaigns for optimal timing
Clone and reuse successful templates
Multi-campaign dashboard
Historical tracking and trending

Email Capabilities

HTML email template designer
Dynamic personalization (name, position, department)
File attachments support
Automatic tracking pixels
Import from existing emails
Amazon SES integration for high deliverability

Analytics & Reporting

Real-time campaign metrics
User interaction tracking (opens, clicks, data submission)
Detailed timeline views
Exportable reports (PDF, CSV)
Trend analysis across campaigns
Risk scoring by department/user

Integration & Automation

Complete REST API
Webhook notifications
LDAP/Active Directory sync
SAML/SSO authentication
CI/CD integration support

Pricing

$0.24 per vCPU/hour - Simple, transparent pricing
2 vCPU minimum, 8GB memory - Right-sized for most organizations
~$350/month starting cost - Database, storage, and networking included
30-day free trial available - Test with no commitment
Standard support included - Professional and Enterprise support available as add-ons

Deployment Details

Infrastructure Included

Compute: EC2 instance (t3.medium or larger)
Database: RDS MySQL (optional) (DB included in VM)
Email: Amazon SES integration (separate SES costs apply)
Storage: EBS volumes for data persistence
Networking: VPC, security groups, load balancer optional

Setup Time

5-10 minutes automated CloudFormation deployment
Pre-configured security groups and IAM roles
Production-ready out of the box
Fully managed infrastructure

Security & Compliance

SOC 2 Type II compliant infrastructure
Data encryption at rest and in transit
Private VPC deployment
Customizable security groups
Audit logging enabled
GDPR/CCPA compliant data handling

Why GoPhish Cloud?

vs. SaaS Phishing Platforms

50-70% cost savings vs. KnowBe4, Proofpoint, or Cofense
Complete data ownership - all data stays in your AWS account
No per-user licensing - unlimited users included
Full customization - modify templates, workflows, branding

vs. Self-Hosted GoPhish

Managed infrastructure - no server administration required
Pre-configured integrations - SES, RDS, monitoring included
Automatic updates - security patches and features
Professional support - expert assistance available
High availability options - multi-AZ deployments available

Getting Started

Subscribe on AWS Marketplace (uses your AWS committed spend)
Deploy using our CloudFormation template (5-10 minutes)
Configure your first campaign using our template library
Launch and monitor results in real-time

Support Resources

Email: support@hailbytes.com
Documentation: https://hailbytes.com/pages/documentation/
Product Page: https://hailbytes.com/pages/gophish/
Support Plans: https://hailbytes.com/pages/support-pricing/

Questions? Visit https://hailbytes.com or email sales@hailbytes.com

Technical Requirements

AWS account with EC2, RDS, SES permissions
Minimum: 2 vCPUs, 8GB RAM
Recommended: 4-8 vCPUs for large organizations (500+ employees)

Highlights

One-click AWS deployment
Unlimited phishing campaigns with advanced analytics
30-day free trial with Standard support included

Details

Sold by

HailBytes

Unlock automation with AI agent solutions

Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.

Explore AI agent solutions

Features and programs

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

Free trial

Try for free

Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

GoPhish Cloud - Enterprise Phishing Simulation Platform

Info

View purchase options

Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

Usage costs (5)

Info

Dimension	Cost/hour
t3.medium Recommended	$0.48
t3.xlarge	$0.48
m4.large	$0.48
t3.large	$0.48
t3.2xlarge	$0.48

Vendor refund policy

How can we make this page better?

We'd like to hear your feedback and ideas on how to improve this page.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Version

Delivery details

64-bit (x86) Amazon Machine Image (AMI)

Amazon Machine Image (AMI)

An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

Version release notes

Infrastructure Changes: No infrastructure changes this update.

Application Changes: We have updated tracking and URL templates for all landing pages and email templates. 35 email templates and landing page templates come pre-installed. We have also added a sending profile for Mailgun in addition to the existing profiles.

Additional details

Usage instructions

The GoPhish Phishing Framework will start automatically when the instance launches.

It will be added to a security group with port 3636 open to 0.0.0.0/0 which we advise you narrow to your office IP immediately.

Open an Internet browser to https://your-public-ipv4-dns:3636 and login with the default username (admin) and password (your-instance-id).

You'll be prompted to change your password immediately and you should use a strong password and store this in a password manager.

The server starts with an example certificate you can use for internal testing, you can generate a subdomain for your admin dashboard as well as for the phishing landing pages themselves by following our DNS/TLS documentation here: https://docs.google.com/document/d/e/2PACX-1vQIMus7nEI2aYOdhutUtcySaZdIXw7s0iFdesxiNXg_g5gmaDgagmcO5OLsLzamdOUrsOg7qgRUNw1I/pub

You'll need to login to the server via SSH and generate your own certificates for real-world testing.

Simply replace the .crt and .key files located in /opt and update the config.json in the same directory, then use service gophish restart to apply the new certificates.

Resources

Vendor resources

Documentation

API Reference

Support Plans

Support

Vendor support

Support Resources

Email: support@hailbytes.com
Documentation: https://hailbytes.com/pages/documentation/
Product Page: https://hailbytes.com/pages/gophish/
Support Plans: https://hailbytes.com/pages/support-pricing/

Questions? Visit https://hailbytes.com or email sales@hailbytes.com

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Product comparison

Info

Updated weekly

GoPhish Cloud - Enterprise Phishing Simulation Platform

By HailBytes

Proofpoint Security

By Proofpoint

NetSPI

By NetSPI

Accolades

Info

Top

In eLearning, Application Stacks

Top

In Data Security and Governance

Top

In Assessments

Customer reviews

Info

Sentiment is AI generated from actual customer reviews on AWS and G2

Reviews

Functionality

Ease of use

Customer service

Cost effectiveness

2 reviews

Insufficient data

500 reviews

11 reviews

Insufficient data

Positive reviews

Mixed reviews

Negative reviews

Overview

Info

AI generated from product descriptions

Campaign Management

Supports creation of unlimited phishing campaigns with scheduling, cloning, multi-campaign dashboard, and historical tracking capabilities

Email Simulation

Provides HTML email template designer with dynamic personalization, file attachments support, automatic tracking pixels, and Amazon SES integration

Security Analytics

Offers real-time campaign metrics with user interaction tracking, detailed timeline views, exportable reports, trend analysis, and risk scoring by department/user

Authentication Integration

Supports LDAP/Active Directory synchronization, SAML/SSO authentication, and complete REST API for system integrations

Infrastructure Security

Implements data encryption at rest and in transit, private VPC deployment, customizable security groups, audit logging, and SOC 2 Type II compliant infrastructure

Threat Detection

AI-driven solution that identifies and prevents advanced email and cloud-based threats using content, behavior, and threat telemetry

Data Loss Prevention

Comprehensive protection against insider threats by providing contextualized insights into content, behavior, and user interactions across multiple channels

Automated Remediation

Scalable incident response mechanism that enables consistent and automated handling of sophisticated email security attacks

Multi-Channel Security

Integrated protection across cloud, email, endpoint, and web platforms with centralized threat monitoring and management

Privacy Protection

User data anonymization, content snippet masking, and regional data residency management to ensure privacy during security monitoring

Penetration Testing Methodology

Comprehensive security testing across multiple domains including AI, applications, mainframes, cloud, and network infrastructure

Attack Surface Management

Continuous discovery and monitoring of external and cyber assets with real-time vulnerability identification and prioritization

Security Control Validation

Breach and attack simulation to validate effectiveness of existing cybersecurity tools and detect potential security gaps

Asset Discovery and Monitoring

Automated identification and tracking of unknown assets, security control coverage, and contextual risk assessment

Expert-Driven Security Assessment

Manual validation and expert-led analysis of security vulnerabilities with advanced threat detection capabilities

Security credentials

Info

Validated by AWS Marketplace

FedRAMP

GDPR

HIPAA

ISO/IEC 27001

PCI DSS

SOC 2 Type 2

No security profile

Contract

Info

Standard contract

Customer reviews

Leave a review

Ratings and reviews

Info

3 ratings

5 star

4 star

3 star

2 star

1 star

67%

33%

3 AWS reviews

Pentest27

Better than KnowBe4

Reviewed on Oct 27, 2021

Review from a verified AWS customer

This instance is my go-to method for performing phishing campaigns. It's easy to just spin up an instance and get started without dealing with the complications of other phishing simulators. I've been using Gophish for a few years now and couldn't be happier with the newest update and the product support from David.

Box

Great instance

Reviewed on Oct 14, 2021

Review from a verified AWS customer

So we've been using their instance for well over a year, great support! highly recommend for those that need something better than know b 4 and micorsoft security phishing with a million more options with their API support

Gophisher1.0

Do not recommend

Reviewed on Mar 03, 2021

Review from a verified AWS customer

The server runs well, but when you look under the hood, it's an expensive hourly license for a simple Docker installation. Supposedly the support is worth it, however I could not get anyone on the line.

Because docker proxy already occupies ports 80 and 443, it was difficult to add a certificate (e.g. with letsencrypt). Tried to call the support line quite a few times to resolve this but could never get someone the line.

View all reviews