Landmines
Six questions that flip the Nimblr deal.
One per call. Don't stack. Let the silence work.
Q1
What is the refresh cadence on the Awareness Level – continuous, or scheduled?
Cadence – exposes monthly recalculation
Q2
How does the Awareness Level weight a privileged-access admin versus a general-population user?
Architecture – exposes uniform risk treatment
Q3
When a new attack technique surfaces, does it modify risk profiles or trigger a course to everyone?
Signal – exposes course-as-response model
Q4
Is the Microsoft integration SCIM 2.0, or a customer-hosted Azure App registration?
Provisioning – exposes 24-month client-secret rotation
Q5
For NIS2 Article 21(2)(f), what does the Nimblr export prove changed – participation, or risk?
Compliance – exposes Users-report as activity evidence
Q6
Can the platform show today which ten employees carry the highest risk, with a 90-day trajectory?
Defensibility – surfaces board readiness