What’s new

• SOX Compliance Course — 3 videos, fully rebuilt to Version 2 standards; the 8th and final course completing Fable’s V2 compliance rebuild (63 videos total across all 8 courses)
• V2 compliance milestone — all 8 core compliance courses now feature updated visuals, interactive components, embedded video, and scripts reviewed by a former auditor for audit readiness
• Emerging Threat — Coyote Banking Trojan
• Emerging Threat — Shadow AI in the Vercel Context

Why it matters

Standard compliance training is designed to clear the audit, not change behavior. Employees complete modules to satisfy the requirement — they don’t come away knowing what audit-relevant behavior actually looks like on a regular workday. The V2 rebuild addresses that directly: updated visuals, interactive components, and scripts written by someone who has sat in audit interviews and knows which employee behaviors create real exposure.

The Coyote Banking Trojan briefing is particularly relevant for organizations with financial services exposure or third-party finance workflows. Shadow AI in the Vercel Context addresses a risk compliance training typically ignores: developers and product teams adopting unsanctioned AI tooling inside build pipelines, outside any visibility or control.

How to access it: Find the SOX Compliance Course under Compliance in the Fable Catalog. Emerging threat briefings are available under Emerging Threats.

What’s new

• Getting Started — Transition from KnowBe4 to Fable Security Phishing Product (Gmail and Outlook)
• Risk-Based — Sharing Company Data with Personal Emails
• Role-Based — HR Fake Job Applications
• Deepfakes — Celebrity Example
• Deepfakes — Introduction
• Emerging Threats — Calendar Phishing

Why it matters

The KnowBe4 transition template addresses the most common operational friction in switching phishing programs: getting employees oriented without disrupting program continuity. It covers both Gmail and Outlook environments with step-by-step onboarding guidance, so the migration doesn’t become a training gap.

The remaining five templates cover attack patterns that security awareness programs most frequently miss: social engineering targeting HR, AI-generated impersonation through deepfakes, and calendar-based phishing. Each deploys without customization, though all support it.

How to access it: Browse the new templates in the Fable Catalog.

What’s new

• Structured intake form — submit briefing requests with attachments, freeform preferences, and a target first draft date in one place
• Automatic Linear integration — every submission creates a tracked ticket for the content team; no manual handoff required
• Single standardized flow — replaces ad-hoc channel-based requests

Why it matters

Every security team that has commissioned custom content knows the same experience: a Slack message disappears into a thread, a brief gets drafted from memory, and weeks later you’re reconciling what you asked for with what arrived. The new flow standardizes what gets captured upfront, so the content team has everything they need before they start, and you can see exactly where your request stands.

For security teams managing a steady volume of custom briefing work, this means faster turnaround, a cleaner audit trail, and one less thing to chase.

How to access it: Navigate to Briefings > Agent in the Fable platform to submit a request.

What’s new

• Create nudge from Command Center with any cohort — no longer limited to dynamic or auto-built cohorts

Why it matters

Most platforms let you build sophisticated risk segmentation and then arbitrarily limit what you can do with it. The employees you’ve manually grouped — your highest-access individuals, your repeat clickers, your teams under active threat — are exactly the ones who need targeted reinforcement. This removes that restriction.

For security awareness teams who already know who needs intervention, this closes the gap between insight and delivery. The bottleneck was never identifying the right people.

How to access it: Open Command Center or navigate to any cohort and select Create Nudge.

What’s new

• Emerging Threat (Developers) — Bitwarden + Checkmarx Supply Chain Attack
• Emerging Threat (Vibe Coders) — Bitwarden + Checkmarx Supply Chain Attack

Why it matters

This attack hit both developer infrastructure (Checkmarx) and credential management (Bitwarden) simultaneously — bypassing the “don’t click suspicious links” framework that conventional security training is built around. The briefings cover what the attack actually looked like and what detection would have required, so employees have a concrete mental model rather than a general warning.

The vibe coder variant addresses a specific gap: employees who build with AI coding assistants have above-average system access and often lack the security background of traditional developers. Both populations need content that reflects how they actually work.

How to access it: Find both briefings in the Fable Catalog under Emerging Threats.

What’s new

• Per-campaign delivery reminders — configure custom end dates, cadence, and frequency for each campaign’s reminder settings from a new UI, with a live preview of how reminders will appear across delivery channels
• Customizable default course email templates — set your organization’s default email template for awareness training under Settings > Awareness Trainings

Why it matters

Completion rates are the metric boards understand. Generic reminder schedules and out-of-the-box email templates are the fastest way to depress them — employees tune out messages that feel automated or off-brand. Per-campaign reminder control is one of the most direct levers available for moving that number.

The default course template setting means every new campaign inherits your organization’s communication standards automatically — not the platform’s defaults. No engineering support required for either change.

How to access it: Access delivery reminder settings in your campaign setup. Set default course email templates under Settings > Awareness Trainings.

What’s new

• Custom avatar creation — Upload an existing video recording or record directly in the platform. Fable processes it into a reusable deepfake avatar in minutes.
• Script-driven content generation — Once your avatar is created, generate new deepfake videos by writing the script you want delivered. No re-recording required.
• Direct platform integration — Avatars and generated content are available immediately in the Fable Composer for use in trainings, nudges, and briefings.

Why it matters

Telling employees that deepfakes exist is not the same as showing them one. AI Studio lets security teams create realistic, organization-specific simulations — using familiar faces and voices — so employees build recognition before an attacker exploits it.

For threat intelligence and awareness leads running AI threat programs, this closes the gap between abstract warning and lived experience.

How to access it: Navigate to AI Studio in the Fable platform and click Create Avatar.

What’s new

• Scene-by-scene editing — See the full breakdown of any briefing: script, voice, variables, and pacing. Edit any scene or add new ones with custom scripts.
• Global voice controls — Change the voice across the entire video in one action, or create new voices directly through AI Studio.
• Variable and pause customization — Insert company-specific variables and adjust pacing to match your organization’s tone and messaging.
• Live preview generation — Make your edits and generate a new preview in minutes before publishing.

Why it matters

Generic security training gets ignored. When the content reflects your organization’s actual policies, language, and brand, employees pay attention. Composer closes the gap between off-the-shelf briefings and content that feels like it was built for your company — because now it is.

For awareness leads and security analysts managing a high-volume content calendar, this means less time working around content that almost fits and more time deploying training that lands.

How to access it: Open any existing briefing in the Fable platform and click Customize.

What’s new

• Natural language cohort creation — Describe the group you want in plain English. Cohort Builder interprets your intent, looks up your org’s actual department values and configurations, and generates the rule automatically.
• Instant preview — Before committing, see exactly which employees fall into the cohort so you can validate the logic before it goes live.
• One-click creation — Confirm the preview looks right and the cohort is created in your Fable platform immediately.

Why it matters

Building precise cohorts used to mean knowing your org’s exact field names, navigating rule logic, and hoping the output matched your intent. Cohort Builder skips all of that. Describe what you want — “everyone in legal with DLP alerts” — and it figures out the rest.

For security analysts and program leads running targeted interventions, this means less time configuring and more time acting on the cohorts that actually matter.

How to access it: Go to the Human Risk Engine in the Fable platform, click Create Cohort, then select Cohort Builder.

What’s new

• Org-wide visibility — See every employee’s training status without running a report or exporting data.
• Manager-level filtering — Drill into a specific reporting chain to see how a team or department is performing.
• Employee drill-down — Click into any individual to see which trainings they’ve completed, which are overdue, and where they stand across the full program.

Why it matters

For program leads and security directors, chasing down completion rates across a sprawling workforce has always required stitching together manual reports. Organization View surfaces that picture directly in the platform, so you can identify who’s falling behind, who’s ahead, and where your program needs attention, without leaving Fable.

Whether you’re preparing for an audit, reporting up to your CISO, or just running your weekly check-in, Organization View gives you the operational clarity to run a tighter program.

How to access it: Navigate to the Fable platform and click Organization in the left nav.

What’s new

• Automated manager notifications — Each manager receives a targeted email showing exactly which of their reports are behind on training, no manual follow-up from the awareness team required.
• Direct and indirect report visibility — Managers see their full reporting chain, not just their immediate team, so accountability flows up and down the org.
• Customizable escalation emails — Edit the email to match your organization’s tone and preferences before sending.
• Preview before you send — Send the escalation email to yourself or a colleague first to see exactly what lands in the inbox.

Why it matters

Awareness leads shouldn’t be the single point of failure for completion rates. When managers own their team’s training status, follow-through improves — because the ask is coming from someone with actual authority over an employee’s day-to-day.

Manager Escalation gets the awareness team out of the chasing business and puts accountability where it belongs.

How to access it: Navigate to Awareness Training or Command Center in the Fable platform and click Create Escalation.

What’s new

• Program reach summary — See total interventions sent, employee engagement, feedback volume, and phishing simulation rates at a glance.
• Fable Insights — AI-generated summary of what’s working, emerging risks, and sentiment trends across your organization — with recommended next actions.
• Risky behavior breakdown — Understand how risk is distributed across behavior categories and which threats are most prevalent across your org.
• Department and individual risk view — See which departments and affinity groups are highest risk, which employees are the most exposed, and which ones are improving.
• Coverage gap analysis — Identify which departments are covered on which topics and spot training gaps before they become incidents.
• Employee sentiment stream — Track total feedback received, overall sentiment, and a live feed of the most recent employee responses.

Why it matters

CISOs and security directors need a defensible story about program health — for board reporting, audits, and internal leadership conversations. The Dashboard surfaces that story without requiring manual report pulls or cross-referencing multiple tools. From executive summary to practitioner-level detail, everything needed to run and defend the program is in one place.

How to access it: Navigate to Dashboard in the Fable platform.