HailBytes SAT Tutorial

Risk-Based Auto-Enroll

Stop manually chasing repeat clickers. Define risk thresholds and let HailBytes SAT enroll the right users in the right training.

Risk Score Inputs

HailBytes SAT computes a per-target risk score on every campaign event. The score combines:

  • Click history: clicks count more than opens; recent clicks count more than old ones (decay).
  • Submission history: a credential submission carries the highest weight.
  • Reporting accuracy: a strong reporter offsets risk; a noisy reporter does not.
  • Training completion: completed remedial training reduces score.
  • Tenure: new hires get a small grace window.

Force a recalculation any time with POST /api/risk/recompute (admin).

Configure an Auto-Enroll Rule

Open Settings → Risk & Remediation and create a rule. A rule has three parts:

  1. Trigger: a risk-score threshold, a click count, or a submission event.
  2. Audience filter: optional. Restrict to a department, a group, or org units.
  3. Action: assign a training module or a multi-module track.
POST /api/risk/auto_enroll
{
  "name": "Two-clicks-in-90d → phishing fundamentals",
  "trigger": {
    "type": "click_count",
    "value": 2,
    "window_days": 90
  },
  "audience": {
    "exclude_groups": ["Security Team"]
  },
  "action": {
    "type": "assign_track",
    "track_name": "Phishing Fundamentals (4 weeks)"
  },
  "enabled": true
}

Run the Engine

Rules evaluate automatically after each campaign event. To re-run all rules over the existing population (e.g. after editing a rule):

POST /api/risk/auto_enroll/run

See Who's Enrolled

GET /api/risk/repeat-offenders          # Top-of-list view
GET /api/training/risk/top              # Repeat-clicker watchlist
GET /api/training/risk/export.csv       # CSV export for HR / managers
GET /api/remedial_training/assignments/ # Active assignments

The Training Dashboard surfaces these as a single Repeat Clicker Watchlist widget.

Best Practices

  • Start with one or two rules. Layered rules can over-enroll and burn out users.
  • Always exclude the security team and IT admins.
  • Pair auto-enroll with a manager notification webhook so people-leaders see who's been assigned.
  • Sunset a rule once your repeat-click rate falls below your target.

Next Steps

Training Tracks

Build multi-module curricula to assign from a rule.

View Tutorial →

Executive Reports

Show leadership how risk has trended after auto-enroll went live.

View Tutorial →

Related Tutorials

Get the Free HailBytes SAT Getting Started Guide

A 7-part email series covering everything from your first deployment to advanced configuration and real-world workflows. One email per day, no spam.