Improvements to Phish Threat
PhishThreat is a great product, but there are a few things that would make it truly outstanding.
Add a method to notify users that this was a test if they click on a link, open an attachment, or enter credentials *without* requiring them to be enrolled in training.
Add in notifications for the person conducting the phish test whenever someone does get caught. This is helpful, especially since a campaign can't be shorter than a month.
Add in a way to track what users have been phished previously along with what users may not have been phished recently or at all. This would assist with making sure everyone gets exposure to the testing.