One cloud platform to measure, manage and reduce human cyber risk — combined training + phishing, or either on its own
FortiSAT unifies Fortinet Security Awareness Training (SAT) and FortiPhish phishing simulation into a single cloud-delivered service. Run realistic phishing campaigns, assign role-based training in 10+ languages, and turn behavioral data into per-user, per-group and organization-wide risk scores — then use those scores to wrap tighter controls around your highest-risk users in FortiMail and FortiDLP. Buy per-user subscriptions from a Canadian Fortinet specialist.

Human error remains the primary breach vector in modern cybersecurity incidents, and email-based attacks are still one of the most successful ways attackers gain initial access — phishing routinely leads to credential theft, ransomware, business email compromise (BEC) and data exfiltration. Traditional security awareness programs check a compliance box but never quantify risk or connect to the rest of your security stack.
FortiSAT (Security Awareness Training and Phishing Simulation) is Fortinet's cloud-delivered answer. It combines FortiPhish realistic phishing simulation with a structured Security Awareness Training library, then analyzes behavioral data from simulations, user interactions and training completion to generate dynamic risk scores for every user, group and the whole organization. Security teams get clear visibility into high-risk individuals and departments — and can push those risk scores across the Fortinet Security Fabric to apply stricter inspection, sandboxing or isolation in FortiMail and tighter monitoring in FortiDLP, so the highest-risk users automatically get the strongest safeguards.
Pre-built and custom email & QR-code phishing templates modeled on real-world threats from FortiGuard Labs, with credential-harvesting landing pages and full action tracking.
Comprehensive enterprise training library with micro- and nano-learning modules, role-based assignments, and remedial content in 10+ languages.
Turns simulation results, user interactions and training completion into dynamic risk scores for users, groups and the organization to prioritize remediation.
Dynamic groups auto-organize users by risk score, phishing failures, department, directory attributes and training completion, refreshing regularly for targeted campaigns.
Real-time dashboards and analytics show user behavior, risk levels and compliance posture, with trend tracking and executive-ready reports.
Feed FortiSAT risk scores into FortiMail (URL rewriting, isolation, CDR, sandboxing) and FortiDLP to wrap tighter controls around your riskiest users.
A continuous loop of simulate, assess, educate, measure and tighten — so awareness keeps improving and your controls follow the risk.
Pre-built templates based on real-world threats, event-based templates (holiday, HR, corporate announcements) and a builder for custom phishing emails and landing pages.
Simulate modern quishing attacks and track QR scans alongside opens, clicks, replies, attachment execution and data submission.
Comprehensive Security Awareness Training with micro- and nano-learning modules and role-based, targeted assignments.
Automatically enroll users who fail specific phishing campaigns into targeted remedial training, plus Time-of-Click training at the moment of the click.
A one-click Phish Alert Button (PAB) add-in for Outlook and Microsoft 365 lets users report suspicious email and drives real participation.
Manual/CSV provisioning, LDAP and Azure AD sync, SCIM provisioning, SSO and multifactor authentication, with automated Smart Group assignment.
Training modules in English (US/UK/AUS), Spanish (LATAM), French, Brazilian & European Portuguese, German, Italian and Japanese, with accessibility support.
Supports NIST, PCI-DSS, HIPAA and GDPR security-awareness requirements with the reporting evidence auditors expect.
FortiSAT is sold three ways — all cloud-delivered, per user, with FortiCare Premium support and a 25-user minimum. Pick the combined platform for the full loop, or run phishing simulation or training on its own.
Sourced from the FortiSAT datasheet and Ordering Guide. All three editions include behavioral risk scoring, Smart Groups, dashboards and reporting, directory sync/SSO and FortiCare Premium 24x7 support.
| Capability | Combined | Phishing only | Training only |
|---|---|---|---|
| Simulated phishing campaigns (email & QR code) | ✓ | ✓ | — |
| Realistic credential-harvesting landing pages | ✓ | ✓ | — |
| Phishing tracking: open, click, reply, attachment, QR scan | ✓ | ✓ | — |
| Security Awareness Training module library (micro & nano) | ✓ | — | ✓ |
| Role-based & targeted training assignments | ✓ | — | ✓ |
| Auto-enroll failed users into remedial training | ✓ | — | — |
| Time-of-Click splash-page training | ✓ | ✓ | — |
| Behavioral risk scoring (user / group / org) | ✓ | ✓ | ✓ |
| Smart Groups (dynamic targeting) | ✓ | ✓ | ✓ |
| Phish Alert Button (Outlook / M365) | ✓ | ✓ | — |
| Dashboards, analytics & executive reporting | ✓ | ✓ | ✓ |
| User & group sync (LDAP, Azure AD, SCIM) + SSO / MFA | ✓ | ✓ | ✓ |
| Feed risk scores to FortiMail / FortiDLP controls | ✓ | ✓ | ✓ |
| FortiCare Premium 24x7 support | ✓ | ✓ | ✓ |
FortiSAT is licensed per user and priced by user band, with a 25-user minimum order and a choice of 1, 3 or 5-year terms. Licenses are delivered electronically worldwide, usually within hours. Expand an edition below to see the exact Fortinet SKU for your user count — then request a quote and we will price and provision it, usually the same day.
The complete FortiSAT platform: realistic phishing simulations plus the full Security Awareness Training (SAT) library, unified behavioral risk scoring across both, and automatic enrollment of users who fail a phishing test into remedial training. Includes FortiCare Premium 24x7 support. Minimum order 25 users; available as 1, 3 or 5-year per-user subscriptions.
| User band | Per-user subscription |
|---|---|
| 1 - 100 users | View productFC1-10-PHCLD-1325-02-DD |
| 101 - 1,000 users | View productFC2-10-PHCLD-1325-02-DD |
| 1,001 - 5,000 users | View productFC3-10-PHCLD-1325-02-DD |
| 5,001 - 10,000 users | View productFC4-10-PHCLD-1325-02-DD |
| 10,000+ users | View productFC5-10-PHCLD-1325-02-DD |
FortiPhish enterprise phishing simulation on its own: run realistic email and QR-code phishing campaigns, track opens, clicks, replies, attachment execution and data submission, and score user susceptibility over time. Includes FortiCare Premium support. Minimum order 25 users; available as 1, 3 or 5-year per-user subscriptions.
| User band | Per-user subscription |
|---|---|
| 1 - 100 users | View productFC1-10-PHCLD-1262-02-DD |
| 101 - 1,000 users | View productFC2-10-PHCLD-1262-02-DD |
| 1,001 - 5,000 users | View productFC3-10-PHCLD-1262-02-DD |
| 5,001 - 10,000 users | View productFC4-10-PHCLD-1262-02-DD |
| 10,000+ users | View productFC5-10-PHCLD-1262-02-DD |
The enterprise Security Awareness Training library on its own: role-based micro- and nano-learning modules in 10+ languages to build a cyber-aware workforce and satisfy NIST, PCI-DSS, HIPAA and GDPR awareness requirements. Includes FortiCare Premium support. Minimum order 25 users; available as 1, 3 or 5-year per-user subscriptions.
| User band | Per-user subscription |
|---|---|
| 1 - 100 users | View productFC1-10-PHCLD-1261-02-DD |
| 101 - 1,000 users | View productFC2-10-PHCLD-1261-02-DD |
| 1,001 - 5,000 users | View productFC3-10-PHCLD-1261-02-DD |
| 5,001 - 10,000 users | View productFC4-10-PHCLD-1261-02-DD |
| 10,000+ users | View productFC5-10-PHCLD-1261-02-DD |

Every Fortinet purchase from DataCenter360.ca is backed by hands-on services across the full lifecycle — from rollout to round-the-clock protection.
Fortinet Select Partner and MSSP, FCP-certified. Genuine subscriptions registered correctly the first time.
FortiSAT is a cloud SaaS — licenses are electronic and delivered worldwide, usually within hours of purchase.
User count, edition, term and campaign design — we help you scope the right program before you buy.
Talk to an FCP-certified engineer about tying FortiSAT risk scores into FortiMail and FortiDLP.
Tell us your user count and whether you want combined training + phishing, or either on its own. We will size the edition and term and quote it, usually same day.
FortiSAT is Fortinet's cloud-delivered Security Awareness Training and phishing-simulation platform. It combines FortiPhish phishing simulation with a structured Security Awareness Training library and turns behavioral data into per-user, per-group and organization-wide risk scores to measure, manage and reduce human cyber risk.
Combined (SKU family PHCLD-1325) includes both phishing simulation and the full training library with unified risk scoring and automatic remedial-training enrollment. Phishing Only (PHCLD-1262) is FortiPhish enterprise phishing simulation on its own. Training Only (PHCLD-1261) is the enterprise Security Awareness Training library on its own. All three include behavioral risk scoring and FortiCare Premium support.
FortiSAT is licensed per user, priced in five user bands (1-100, 101-1,000, 1,001-5,000, 5,001-10,000 and 10,000+), with a 25-user minimum order. Each subscription is available as a 1, 3 or 5-year term. Request a quote with your user count and edition and we will return live pricing.
The minimum order is 25 users, even though the first pricing band covers 1-100 users. Pricing per user decreases as you move up into larger user bands.
Yes. FortiSAT simulates both email and QR-code phishing and tracks user actions including open, click, reply, attachment execution, QR scan and data submission, using pre-built, event-based or fully custom templates and landing pages.
FortiSAT generates dynamic risk scores for users, groups and the organization. Those scores can be used in other Fortinet products — for example FortiMail can apply stricter controls such as URL rewriting, URL isolation, Content Disarm & Reconstruction (CDR) and sandboxing to high-risk users, and FortiDLP can increase monitoring and data-protection controls.
Training modules are available in 10+ languages with accessibility support, including English (US, UK, AUS), Spanish (LATAM), French, Brazilian Portuguese, German, Italian, European Portuguese and Japanese.
Yes. FortiSAT supports manual and CSV user provisioning, LDAP and Azure AD directory synchronization, SCIM provisioning, SSO for admins and end users, and multifactor authentication, with automated Smart Group assignment.
FortiSAT is a cloud SaaS, so there is nothing to ship — subscriptions are delivered electronically worldwide as an Authorized Fortinet Select Partner, usually within hours of purchase, and include FortiCare Premium support.
DataCenter360.ca is an Authorized Fortinet Select Partner. Specifications and capabilities shown are from the FortiSAT datasheet (FSAT-DAT-R01, March 11, 2026) and the FortiSAT Ordering Guide. Pricing is per user and delivered on quote; figures may vary with currency, term and promotions. FortiSAT, FortiPhish, FortiMail, FortiDLP, FortiCare and FortiGuard are trademarks of Fortinet, Inc.