One standard program, two delivery models: as a SCORM 1.2 package in your own LMS or as cloud training with audit reports.
With SCORM delivery, not a single employee record ever reaches us. Built on ongoing doctoral research.
The learning content is identical — the difference is where your employees' data lives.
You receive the complete training as a SCORM 1.2 package and deploy it in your own learning management system — SCORM 1.2 is supported by virtually every major LMS (e.g. Moodle, SAP SuccessFactors, Cornerstone). Tracking, completions and training records live entirely in your system.
We host the training on our platform (EU hosting). Login works via email code — including on personal smartphones, with no company laptop or company email address required. That way you also reach production, logistics, retail and field teams.
Hybrid works too: office teams via SCORM in your own LMS, blue collar and supply chain via cloud access without company email — both in parallel, with identical content.
No modular kit, no feature list. One clearly structured year built on a simple principle: a strong kickoff, learning in two stages, reinforcement in between — because forgetting is every training's biggest enemy.
One month of full attention: an introduction package for all employees, three podcast episodes on current security topics, and a challenge quiz with a prize. Goal: build momentum before the learning starts.
Three interactive comic-style modules: Password Security · Spotting Phishing · Social Media & Vishing. With quiz and personal certificate.
Three further podcast episodes keep the topics alive throughout the year. Short, regular touchpoints demonstrably outperform rare marathon sessions.
Four modules for everyday work: Clean Desk · Mobile Work Security · Physical Security · AI & Shadow IT.
To close the year, we advise you on running your own phishing campaign: concept and creative design, a governance checklist (management, works council, communications) and an evaluation logic built on learning metrics, not blame metrics. Execution is handled by your IT or a tool of your choice — so all employee data stays with you. We never run phishing campaigns ourselves.
Example schedule — we align the start month and intervals with your business year. An October kickoff leverages the European Cyber Security Month.
Request the program →Content in German and English — additional languages produced on request.
Interactive, comic-style, with quiz and personal certificate — no passive video watching.
Why "Summer2026!" is not a password: password managers, two-factor authentication and habits that stick.
What actually gives phishing away — and why confidence is more dangerous than ignorance.
Social engineering via LinkedIn, Instagram and the phone: when the attacker sounds friendly.
The tidy workplace as a security control: documents, screens, visitors.
Home office, train, café: working securely outside the office.
Tailgating, unknown USB sticks, access control: attacks that don't come through the network.
ChatGPT & co. at work: using the upside without giving away company data.
In full, no company sign-up, no sales call. That's exactly how most companies evaluate us first.
Start training →The training runs entirely inside your LMS. No interface to us, no transfer, no tracking by Webguardiola. For your employees' training data, no data processing relationship with us even arises — your data protection officers and works council review a package, not data flows.
Webguardiola does not receive, process or store any personal data of your employees — including usage, progress or completion data.
With cloud training we process only the essentials — email for the login code, progress, certificates — on EU servers, governed by a DPA under Art. 28 GDPR.
Phishing campaign advisory involves no employee data either — execution and evaluation remain entirely in your hands.
Webguardiola is being developed as part of an ongoing doctoral research project on why employees click phishing emails despite being convinced they can spot them (overconfidence bias). These findings shape the structure and feedback mechanisms of every module — from quiz design to the evaluation logic of our campaign advisory.
In a short call we cover delivery model (SCORM or cloud), your schedule, languages and NIS2 documentation — and you receive a transparent offer with a clearly defined scope of services.
A short email is enough. What would you like to discuss?
Or write directly to hello@webguardiola.com