Skip to content
Awareness-as-a-Service

People are the last line —
and your strongest defence.

Phishing simulations, awareness training, and audit-grade reporting — as one program that runs in weeks. NIS2, ISO 27001, and GDPR aligned. Hosted in Switzerland.

Book a demoHow it works
Hosting CH/EU GDPR & FADP DE / EN content
phishing-detector.aware.as ~ inbound-mail-scan
$analyze --message id_4f2a-9b7c
SPF: pass · DKIM: pass · DMARC: fail
!display-name spoofs "Microsoft 365 Team"
!urgency keywords detected: "within 24h", "account locked"
Phishing
From:no-reply@microsoft-365.support
Subject:Your account will be locked in 24h
Link:https://ms-365-verifizierung.de/...
$report --to learner --as training-moment
Learning card delivered · Quiz due in 24h
The problem

Technology alone isn't enough.

Employees are the most common entry point — and the only link a firewall can't patch.

94%

of successful cyber attacks start with a human interaction — usually a phishing email.

Source: ENISA Threat Landscape 2025

11 min

average time before an employee clicks a phishing link — often faster than any SOC can react.

Source: Verizon DBIR 2025

CHF 4.2M

average incident cost in the DACH region. Awareness training reduces risk by up to 70%.

Source: IBM Cost of a Data Breach 2025

Three pillars · One program

Awareness that actually works.

Not a 60-minute mandatory course. Continuous training that fits into the workday and measurably changes behaviour.

Phishing simulation

Realistic campaigns based on current threats. Employees learn the moment they click — not in an annual mandatory course.

/solutions/phishing-simulation

Awareness training

Micro-learning units of 3–5 minutes. Phishing, social engineering, passwords, MFA, deepfakes — modular and multilingual.

/solutions/awareness-training

Reporting & KPIs

Audit-grade reports for management and CISO. NIS2 compliance mapping, click rates, improvement over time — exportable as PDF and CSV.

/solutions/reporting-kpis
How it works

Ready in four steps.

Onboarding in 14 days. First phishing simulation in week 3. First quarterly report in week 13.

  1. 01 · Day 1

    Onboarding

    SSO/AD integration, user import, language setup, sender-domain whitelist.

  2. 02 · Week 2

    Baseline test

    First simulation without warning. We measure the current state — honestly, without blame.

  3. 03 · Ongoing

    Continuous training

    Monthly micro-learning units, targeted repetition for risk groups, on-click coaching.

  4. 04 · Quarterly

    Reporting & review

    Audit-grade report, trend analysis, NIS2 mapping. We walk through it with you.

Compliance & data protection

Made & hosted in Switzerland.

We know security tools are themselves a risk. That's why we operate on Swiss infrastructure — no Google Fonts, no tracking cookies, no US cloud dependencies.

NIS2
Mandatory mapping & report templates
ISO 27001
Awareness measure per Annex A.7.2.2
GDPR / FADP
Data processing agreement documented
BSI IT-Grundschutz
Module ORP.3 covered
Knowledge & resources

Get to know the attackers.

Free threats library — no account required. Member area for deeper training.

/resources/threats/phishing

Spot & stop phishing

The most common attack — and how your team unmasks it in 3 seconds.

read article →
/resources/threats/ceo-fraud

CEO fraud & BEC

How attackers exploit hierarchy — and why accounting is your most important line of defence.

read article →
/resources/threats/deepfakes-ai

Deepfakes & AI fraud

Voice cloning, fake video calls — what's possible in 2026 and how to spot it anyway.

read article →

Ready to take awareness seriously?

30-minute demo. We'll show you a real phishing campaign, a quarterly report, and the NIS2 mapping — for your industry.

Book a demoContact us