Shira is an anti-phishing training and quiz platform launched by the technology nonprofit Horizontal. It aims to help individuals and organizations improve their ability to identify and respond to phishing attacks. It is not an email gateway, EDR, or browser-protection product; instead, it trains users through realistic quizzes and simulated scenarios to recognize risk signals in emails, SMS messages, and instant messaging apps.
Shira focuses on security awareness and behavior training. The platform supports Gmail and Outlook phishing simulations, with configurable senders, subject lines, body text, links, images, and attachments. It also supports scenarios for SMS, WhatsApp, Facebook Messenger, and other messaging apps, making it more relevant to today’s multi-channel phishing landscape. Educators and security teams can create organization-specific quizzes without code, add real-world attack examples, and embed explanations to help learners understand the reasoning behind each judgment.
For deployment, Starter and Pro are cloud-hosted, while Enterprise supports both cloud and on-premises deployment. Shira provides an admin dashboard, role-based access control, public/private quizzes, mobile access, question-bank templates, and a multilingual interface. Supported languages include English, Spanish, French, Chinese, Arabic, and Russian. On the compliance side, it can track quiz completion, success rates, and user weak spots, but the source material does not disclose formal certifications such as SOC 2 or ISO 27001. Its privacy positioning is a notable strength: it states that it does not collect, store, or share sensitive or personally identifiable data, and it also mentions independent security audits.
Starter is free and suitable for trials and small-scale public quizzes, but it is limited to 1 admin and up to 3 custom quizzes, and it lacks private quizzes and detailed analytics. Pro costs US$50/month plus US$1 per quiz attempt, with a 14-day trial, making it suitable for teams running ongoing training. Enterprise uses custom pricing and targets large organizations and service providers, offering on-premises deployment, dedicated support, readiness assessments, and action plans. Nonprofits can apply for discounts.
Its strengths include being open source, privacy-friendly, easy to use, multilingual, and relatively comprehensive in scenario coverage, with the ability to customize content around an organization’s real threats. Its limitations are that it only improves recognition ability and cannot replace anti-phishing gateways or real-time protection; integrations with enterprise directories, SSO, SIEM, and similar systems are not described; and Pro’s per-quiz pricing means large-scale costs need to be calculated carefully. It is especially suitable for nonprofit organizations, high-risk communities, schools, digital security trainers, and enterprise security teams that want a lightweight way to run anti-phishing exercises.
The source material does not provide information on access speed from mainland China, ICP filing, RMB payments, or local support, and payment methods are only described as varying by country. As a result, China accessibility is unknown. If you need localized procurement, enterprise integrations, or Chinese-language service support, you may also want to evaluate KnowBe4, Hoxhunt, Proofpoint Security Awareness Training, Cofense, or combine a domestic security awareness training platform with an email security gateway.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on shira.app official site.
shira.app is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach shira.app directly.