Skip to content
Awareness-as-a-Service

People are often the first point of attack for attackers -
and at the same time your strongest defense.

Phishing simulations, awareness training, and audit-grade reporting - as one program that runs in weeks. NIS2, ISO 27001, and GDPR aligned. Hosted in Switzerland.

Hosting Switzerland GDPR & FADP DE / EN content
phishing-detector.aware.as ~ inbound-mail-scan
$analyze --message id_4f2a-9b7c
SPF: pass · DKIM: pass · DMARC: fail
!display-name spoofs "Microsoft 365 Team"
!urgency keywords detected: "within 24h", "account locked"
Phishing
From:no-reply@microsoft-365.support
Subject:Your account will be locked in 24h
Link:https://ms-365-verifizierung.de/...
$report --to learner --as training-moment
Learning card delivered · Quiz due in 24h
The problem

Technology alone isn't enough.

Employees are the most common attack vector - and the only link a firewall can't patch.

94%

of successful cyber attacks start with a human interaction - usually a phishing email.

Source: ENISA Threat Landscape 2025

11 min

average time before an employee clicks a phishing link - often faster than any SOC can react.

Source: Verizon DBIR 2025

CHF 4.2M

average incident cost in the DACH region. Awareness training reduces risk by up to 70%.

Source: IBM Cost of a Data Breach 2025

How it works

Ready in four steps.

Onboarding in 14 days. First phishing simulation in week 3. First quarterly report in week 13.

  1. 01 · Day 1

    Onboarding

    SSO/AD integration, user import, language setup, sender-domain whitelist.

  2. 02 · Week 2

    Baseline test

    First simulation without warning. We measure the current state - honestly, without blame.

  3. 03 · Ongoing

    Continuous training

    Monthly micro-learning units, targeted repetition for risk groups, on-click coaching.

  4. 04 · Quarterly

    Reporting & review

    Audit-grade report, trend analysis, NIS2 mapping. We walk through it with you.

Compliance & data protection

Made & hosted in Switzerland.

We know security tools are themselves a risk. That's why we operate on Swiss infrastructure - no Google Fonts, no tracking cookies, no US cloud dependencies.

NIS2
Mandatory mapping & report templates
ISO 27001
Awareness measure per Annex A.7.2.2
GDPR / FADP
Data processing agreement documented
BSI IT-Grundschutz
Module ORP.3 covered

Ready to take awareness seriously?

30-minute demo. We'll show you a real phishing campaign, a quarterly report, and the NIS2 mapping - for your industry.