Evaluating Living Security on AI-Generated Phishing Defense


Introduction: The Phishing Problem Has Changed Fundamentally

Phishing used to be easy to spot.

Broken English. Suspicious sender addresses. Generic greetings. Obvious urgency. The kind of email that made even moderately tech-literate people roll their eyes and hit delete without a second thought.

That era is over.

The phishing emails landing in corporate inboxes in 2025 are different in kind, not just degree. They are grammatically flawless. They reference real internal projects, real colleague names, real organizational context. They arrive at psychologically optimal moments — Monday mornings, Friday afternoons before holidays, during periods of organizational stress. They mimic the exact writing style of the executive they claim to be from. They contain no malicious attachments or suspicious links that traditional security tools are trained to catch.

This is what AI-generated phishing looks like. And it is defeating security awareness programs that were built to defend against a fundamentally different threat.

The reason is straightforward. Most security awareness training teaches people to look for the signals that characterized phishing before AI writing tools became capable and accessible. Those signals are disappearing. The new AI-generated phishing attack has almost none of the traditional red flags — and the people being trained to spot traditional phishing have no framework for recognizing the more sophisticated attacks that are replacing them.

Living Security is a cybersecurity company that has positioned itself specifically around the human side of security — changing behavior, building genuine security awareness, and addressing the social engineering threats that technical controls alone cannot stop. Given the dramatic evolution of phishing through AI, evaluating how effectively Living Security addresses this specific and growing threat is a worthwhile exercise.

This article takes an honest, detailed look at Living Security’s approach, its strengths, its limitations, and how it stacks up against the AI-generated phishing challenge.


Who Is Living Security?

Living Security was founded in 2017 and is headquartered in Austin, Texas. The company built its initial reputation on an unconventional approach to security awareness training — using immersive, game-based experiences rather than the dry compliance videos and click-through modules that have characterized security awareness training for decades.

The company’s flagship offering evolved from escape-room-style in-person security awareness experiences into a more comprehensive platform that combines engaging training content with behavioral analytics, risk quantification, and what the company calls human risk management — a broader framing that positions security awareness not as a compliance activity but as a genuine risk reduction program.

Living Security rebranded and repositioned significantly around 2022 and 2023, shifting its emphasis toward the Unify platform — a human risk management solution that aggregates behavioral data from across an organization’s security stack to build individual and organizational risk scores that security and HR teams can act on.

This evolution is relevant context for evaluating Living Security on AI-generated phishing specifically — because the company’s answer to sophisticated phishing threats is not just better phishing simulation, but a broader behavioral intelligence approach that attempts to address the human vulnerability underlying phishing susceptibility rather than just training people to recognize specific attack patterns.


The AI-Generated Phishing Challenge in Detail

Before evaluating Living Security’s response, it is worth being precise about what AI-generated phishing actually involves and why it is so much harder to defend against than traditional phishing.

Spear Phishing at Scale

Traditional spear phishing — highly personalized attacks targeting specific individuals — was effective but expensive. Crafting a convincing, personalized phishing email required human research and writing time that limited how many targets an attacker could pursue simultaneously.

AI writing tools have essentially eliminated this constraint. An attacker can now generate hundreds of highly personalized, contextually appropriate phishing emails in the time it previously took to write one. The personalization that made spear phishing effective — referencing the target’s role, recent projects, colleagues, and organizational context — can now be achieved at scale using AI tools that synthesize information from LinkedIn profiles, company websites, social media, and other publicly available sources.

This is not a theoretical capability. It is being actively exploited by threat actors across the sophistication spectrum — from organized criminal groups running business email compromise schemes to nation-state actors conducting targeted espionage campaigns.

Voice and Video Phishing

AI-generated phishing is not limited to email. Voice cloning technology has made vishing — voice phishing — dramatically more convincing. Attackers can now clone the voice of a CEO, CFO, or other authority figure from a few minutes of publicly available audio and use that cloned voice in phone calls to employees, instructing them to take actions — transferring funds, providing credentials, granting access — that they would refuse from an unknown caller.

Deepfake video technology is adding another dimension. Video call impersonation using real-time deepfake technology has been used in high-profile fraud cases — including a case in which a finance employee was deceived into transferring millions of dollars during what appeared to be a video call with multiple senior company figures who were entirely AI-generated.

The security awareness training implications of this expanded attack surface are significant. Employees need frameworks for verifying identity across multiple channels — not just email — and the traditional “look for these red flags” approach is even less adequate for voice and video attacks than for text-based phishing.

The Disappearing Red Flags

The specific challenge AI-generated phishing poses for security awareness training is that it targets the training itself. Most security awareness programs teach people to look for specific red flags — poor grammar, suspicious links, unusual sender addresses, generic greetings, excessive urgency. AI-generated phishing is specifically capable of eliminating all of these signals.

When an employee has been trained to look for signals that the attack deliberately lacks, the training does not just fail to help — it may actively create false confidence. An employee who carefully checks for the red flags they were trained to identify, finds none of them, and therefore concludes the email is legitimate has been made more vulnerable by training that addressed yesterday’s threat rather than today’s.


Living Security’s Approach to Phishing Defense

The Human Risk Management Philosophy

Living Security’s core philosophical positioning is that traditional security awareness training — compliance-focused, periodic, content-heavy — does not actually change behavior in ways that reduce organizational risk. It produces completion certificates, not security culture.

The company’s alternative is what it calls human risk management — treating human behavior as a risk variable that can be measured, monitored, and managed with the same rigor that technical security risks receive. Rather than training everyone on the same content at the same intervals regardless of their actual risk profile, the human risk management approach uses behavioral data to identify individuals and groups with elevated risk, target interventions toward those specific risk profiles, and measure whether those interventions are actually changing behavior rather than just generating training completions.

Applied to phishing specifically, this means that Living Security’s Unify platform aggregates data from phishing simulation tools — including third-party simulation platforms like KnowBe4 and Proofpoint — alongside other behavioral signals to build a picture of which individuals and departments are most vulnerable to phishing attempts, and what specific phishing characteristics they are most susceptible to.

This risk-stratified approach is more sophisticated than uniform training delivery and has genuine advantages for resource allocation — directing more intensive intervention toward higher-risk individuals rather than treating everyone identically regardless of their demonstrated vulnerability.

Phishing Simulation Capabilities

Living Security offers phishing simulation capabilities that include a library of templates representing various phishing attack types and the ability to create customized simulations targeting specific organizational contexts.

The question relevant to the AI-generated phishing challenge is how well the simulation library and customization capabilities reflect the current AI-generated phishing threat landscape. Phishing simulations that still primarily model the traditional phishing patterns — generic templates, obvious urgency, suspicious links — are training employees to recognize yesterday’s attacks while leaving them unprepared for the more sophisticated AI-generated campaigns that are increasingly common.

Living Security has been working to incorporate more sophisticated simulation scenarios, including business email compromise simulations that model the targeted, contextual phishing that AI tools enable. The quality and realism of these advanced simulations are a meaningful differentiator from platforms that rely primarily on older template libraries.

Behavioral Analytics and Risk Scoring

The Unify platform’s behavioral analytics capability is one of Living Security’s most distinctive offerings and represents a genuinely different approach to understanding and managing phishing risk compared to traditional awareness platforms.

By integrating data from phishing simulations, security incident reports, access management systems, and other security tools, Unify builds individual risk profiles that reflect actual behavioral patterns rather than just training completion records. An employee who has clicked on multiple phishing simulations, reported no suspicious emails, and whose access patterns suggest they may be handling sensitive data carelessly represents a different — and higher — risk profile than an employee with a clean simulation record who actively uses security reporting tools.

This behavioral risk intelligence can inform targeted interventions — additional training, coaching conversations, manager awareness, or in some cases access restrictions — that address real vulnerability rather than just ensuring everyone has watched the same training video.

For AI-generated phishing specifically, the ability to identify individuals who are particularly susceptible to sophisticated, personalized attacks — based on their simulation performance across different attack types — allows organizations to direct resources where they are most needed rather than spreading intervention efforts uniformly.
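As an added illustration of the per-attack-type stratification described above (this is not Living Security's Unify scoring, whose internals the article does not describe), the following Python example tallies simulation results per employee and attack type and shows how an overall click rate can hide susceptibility to contextual attacks. The event data, the attack-type labels, the 0.5 click-rate threshold and the two-sample minimum are all assumptions made for the example.

```python
from collections import defaultdict

# Constructed simulation results: (employee, attack_type, outcome).
# Outcomes are "clicked", "reported" or "ignored".
EVENTS = [
    ("alice", "generic_template", "reported"),
    ("alice", "generic_template", "reported"),
    ("alice", "generic_template", "ignored"),
    ("alice", "generic_template", "reported"),
    ("alice", "contextual_bec", "clicked"),
    ("alice", "contextual_bec", "clicked"),
    ("bob", "generic_template", "clicked"),
    ("bob", "generic_template", "clicked"),
    ("bob", "generic_template", "ignored"),
    ("bob", "contextual_bec", "clicked"),
    ("carol", "generic_template", "reported"),
    ("carol", "generic_template", "ignored"),
    ("carol", "contextual_bec", "reported"),
    ("carol", "contextual_bec", "reported"),
]


def tally(events):
    """Return {employee: {attack_type: {"clicked", "reported", "total"}}}."""
    out = defaultdict(
        lambda: defaultdict(lambda: {"clicked": 0, "reported": 0, "total": 0})
    )
    for emp, atype, outcome in events:
        cell = out[emp][atype]
        cell["total"] += 1
        if outcome in ("clicked", "reported"):
            cell[outcome] += 1
    return out


def overall_click_rate(events, emp):
    """Single blended click rate, the metric a uniform program would track."""
    mine = [o for e, _, o in events if e == emp]
    return mine.count("clicked") / len(mine) if mine else 0.0


def targeted_interventions(events, threshold=0.5, min_samples=2):
    """Map each employee to the attack types where they need intervention.

    A type is flagged only when there are at least `min_samples` results,
    so a single click does not label someone high-risk (hypothetical rule).
    """
    flagged = {}
    for emp, by_type in sorted(tally(events).items()):
        types = sorted(
            t for t, c in by_type.items()
            if c["total"] >= min_samples and c["clicked"] / c["total"] >= threshold
        )
        if types:
            flagged[emp] = types
    return flagged


if __name__ == "__main__":
    for emp in ("alice", "bob", "carol"):
        print(emp, round(overall_click_rate(EVENTS, emp), 2))
    print(targeted_interventions(EVENTS))
```

In this constructed data, alice's blended click rate looks moderate because she handles generic templates well, yet she clicked every contextual simulation; bob's single contextual result is below the sample minimum and is left unflagged until more data exists.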

Training Content and Engagement

Living Security built its reputation on engaging training content, and this remains a genuine strength. The recognition that people do not learn effectively from compliance-oriented, dry training videos drove the company to invest in content that is more engaging, more scenario-based, and more likely to produce genuine behavior change than the tick-box training that has characterized much of the security awareness market.

For AI-generated phishing specifically, the content challenge is creating training that prepares employees for attacks that do not exhibit traditional red flags. This requires a different cognitive framework than “look for these warning signs” — it requires training people to apply verification processes regardless of whether an email or communication looks suspicious, to understand why AI makes sophisticated impersonation possible, and to have practical protocols for verifying identity and legitimacy through out-of-band channels.

Living Security’s content library includes material addressing these more sophisticated threat scenarios, though the depth and specificity of AI-generated phishing content vary and represent an area where continuous updating is necessary as the threat landscape evolves.
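The shift from red-flag spotting to verification by request type, discussed in this section and under "The Disappearing Red Flags", shown as an added Python example that is not taken from Living Security's material. The three messages are constructed, and the pattern lists and decision labels are illustrative assumptions rather than a complete policy.

```python
import re

# Constructed sample messages (not real mail).
LEGACY_PHISH = (
    "Dear customer, you account will suspended!! Act now, click "
    "http://203.0.113.7/login to verify you password immediately."
)
POLISHED_BEC = (
    "Hi Dana, thanks for turning the Q3 vendor reconciliation around so "
    "quickly. One follow-up: Northwind has moved banks, so please update "
    "their remittance details to the account below before Friday's payment "
    "run. I'm in board prep all day, so email is best. Thanks, Priya"
)
BENIGN = "Hi Dana, the Q3 reconciliation looks good. See you at standup."

# The traditional signals that awareness training teaches people to look for.
RED_FLAGS = {
    "generic_greeting": re.compile(r"\bdear (customer|user|sir|madam)\b", re.I),
    "urgency": re.compile(r"\b(act now|immediately|urgent|suspended)\b", re.I),
    "raw_ip_link": re.compile(r"https?://\d{1,3}(\.\d{1,3}){3}", re.I),
}

# What the message ASKS for: funds, credentials or access. These trigger
# verification no matter how legitimate the message looks.
SENSITIVE_REQUESTS = {
    "funds_or_payment_change": re.compile(
        r"\b(wire|transfer|remittance|bank(ing)? details|payment run|invoice)\b",
        re.I,
    ),
    "credentials": re.compile(
        r"\b(password|passcode|mfa code|one-time code|log ?in)\b", re.I
    ),
    "access_grant": re.compile(
        r"\b(grant|add|give)\b.{0,40}\b(access|permission|admin)\b", re.I
    ),
}


def red_flags(text):
    """Names of traditional red flags present in the message."""
    return sorted(name for name, rx in RED_FLAGS.items() if rx.search(text))


def needs_out_of_band(text):
    """Sensitive request types that require verification on another channel."""
    return sorted(name for name, rx in SENSITIVE_REQUESTS.items() if rx.search(text))


def triage(text):
    """Decide what the recipient should do, independent of how polished it reads."""
    if red_flags(text):
        return "report_as_phish"
    if needs_out_of_band(text):
        return "verify_out_of_band"
    return "no_action"


if __name__ == "__main__":
    for label, msg in [("legacy", LEGACY_PHISH), ("bec", POLISHED_BEC), ("benign", BENIGN)]:
        print(label, red_flags(msg), needs_out_of_band(msg), triage(msg))
```

The polished message raises no red flags at all, so a reader trained only on those signals would accept it; the request-type rule still routes it to a callback on a known-good number or another independent channel.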


Strengths of Living Security’s Approach

Genuine Behavioral Focus

The most significant strength of Living Security’s approach relative to the AI-generated phishing threat is its focus on behavior change rather than knowledge transfer. Teaching people facts about phishing — what it is, how it works, what red flags to look for — does not reliably change how they behave when they receive a suspicious email under real-world conditions. Living Security’s emphasis on behavioral measurement and targeted intervention reflects a more sophisticated understanding of how human security behavior actually changes.

Risk Stratification

The ability to identify and prioritize the highest-risk individuals — rather than treating organizational phishing vulnerability as uniform — is genuinely valuable and more sophisticated than most competitive offerings. For AI-generated phishing, which is increasingly targeted at specific high-value individuals, understanding which people in the organization are most susceptible to sophisticated attacks is actionable intelligence that a risk-uniform training approach cannot provide.

Integration Architecture

Living Security’s Unify platform is designed to integrate with the broader security tool stack rather than operating as a standalone training platform. This integration capability means that phishing risk signals can inform other security decisions — access management, monitoring intensity, incident investigation prioritization — rather than existing only within the security awareness program.

Reporting and Risk Quantification

The ability to express human security risk in quantitative terms that business and executive audiences can understand and act on is a genuine organizational advantage. Security teams that can demonstrate measurable risk reduction — not just training completion rates — have an easier time securing the investment and organizational attention that effective security programs require.


Limitations and Gaps

AI-Specific Content Depth

While Living Security has developed content addressing sophisticated phishing and social engineering, the depth and currency of AI-specific phishing content — covering voice cloning, deepfake video attacks, and the specific characteristics of AI-generated text phishing — represent an area where more investment would strengthen the platform’s relevance to the most current threat landscape.

The threat is moving faster than any training platform can fully keep pace with, but the gap between the sophistication of current AI-generated phishing attacks and the sophistication of training content addressing them is wider than ideal.

Simulation Realism

The realism and sophistication of phishing simulations are critical factors in their effectiveness for preparing employees for actual attacks. Simulations that are too easy — using obvious templates that experienced employees recognize as tests — build false confidence without developing genuine detection capability. Simulations that accurately reflect AI-generated phishing characteristics are technically more challenging to build and require ongoing investment to keep pace with evolving attack techniques.

Living Security’s simulation capabilities are solid, but the library depth for highly sophisticated, AI-generated phishing scenarios is an area for continued development.

Measuring Actual Behavior Change

The fundamental challenge for any security awareness platform — including Living Security — is the gap between measuring behavior in a training context and measuring actual security behavior in the real world. Simulation click rates and training completion metrics are proxies for actual security behavior, not direct measures of it.

Whether employees who perform well in simulations actually behave more securely when facing real AI-generated phishing is a question that is genuinely difficult to answer with the data that security awareness platforms currently generate. This is a field-wide limitation rather than a Living Security-specific one, but it is worth acknowledging honestly when evaluating any platform’s effectiveness against sophisticated real-world threats.

SMB Accessibility

Living Security’s platform and pricing model are oriented primarily toward mid-market and enterprise organizations. Smaller businesses — which face phishing threats at least as seriously as large enterprises and often with fewer security resources to deploy — may find the platform less accessible than alternatives designed for their scale and budget.


How Living Security Compares to Alternatives

The security awareness and human risk management market includes several strong competitors — KnowBe4, Proofpoint Security Awareness Training, Cofense, Mimecast Awareness Training, and others — each with different strengths relative to the AI-generated phishing challenge.

KnowBe4 has the largest phishing simulation template library in the industry and has been actively developing AI-generated phishing simulation content — including templates that replicate the characteristics of AI-written phishing emails. Its scale advantages mean faster content development and a broader range of simulation scenarios than most competitors.

Proofpoint’s integration of its security awareness platform with its email security and threat intelligence products gives it advantages in connecting real-world threat intelligence to training content — simulating the actual attacks that Proofpoint’s threat intelligence team is observing in the wild, including AI-generated campaigns.

Cofense has built a strong reputation specifically in phishing defense, with particular strength in the reporting and response workflow around phishing incidents — helping organizations build the report-and-respond habits that complement simulation-based training.

Living Security’s distinctive positioning relative to these alternatives is the human risk management philosophy and the behavioral analytics infrastructure of the Unify platform — a more sophisticated approach to understanding and acting on individual vulnerability than most competitors offer. For organizations that have already deployed strong phishing simulation capability through another platform and want to build a behavioral intelligence layer on top of it, Living Security’s integration approach and risk quantification capabilities are genuinely differentiated.


Recommendations for Organizations Evaluating Living Security

For organizations specifically evaluating Living Security in the context of AI-generated phishing defense, several considerations are worth weighing carefully.

If your primary need is phishing simulation depth and volume — particularly for highly sophisticated AI-generated phishing scenarios — supplement Living Security’s simulation capabilities with evaluation of platforms that have deeper simulation libraries and more advanced AI phishing template development.

If your primary need is understanding and managing the behavioral risk profile of your workforce — identifying who is most vulnerable, why, and how to target interventions effectively — Living Security’s Unify platform offers genuine differentiation that most competitors do not match.

Evaluate the integration depth between Living Security and your existing security stack. The value of the Unify platform’s risk aggregation depends heavily on the quality and breadth of integrations with the other security tools you are running.

Request current AI-generated phishing simulation examples during your evaluation to assess how well the platform’s simulation content reflects the current threat landscape rather than historical phishing patterns.

Ask specifically about the company’s product roadmap for AI phishing defense — given how rapidly the threat is evolving, the platform’s current capabilities are only part of the relevant picture.


Conclusion

Living Security represents a genuinely thoughtful approach to the human side of cybersecurity — one that goes beyond compliance training to address the behavioral and organizational factors that actually determine whether security awareness programs produce real risk reduction.

Its human risk management philosophy, behavioral analytics infrastructure, and risk quantification capabilities are genuine differentiators in a market where most platforms are still primarily competing on simulation template volume and training content engagement.

Against the specific and rapidly evolving challenge of AI-generated phishing, Living Security’s strengths are real but the limitations are also real. The sophistication of AI-generated phishing attacks is outpacing the security awareness training industry broadly — and Living Security, like its competitors, faces the ongoing challenge of building training content and simulation scenarios that keep pace with a threat that is evolving faster than any single platform can fully address.

The organizations best positioned to defend against AI-generated phishing are those that combine strong human risk management programs — of which Living Security’s approach represents a solid foundation — with technical controls, incident response capability, verification protocols, and a security culture that extends beyond what any training platform alone can build.

Living Security is a meaningful contributor to that defense posture. It is not, by itself, a complete answer to AI-generated phishing. Nothing is.

