Landmines
Six questions that flip the Pistachio deal.
One per call. Don't stack. Let the silence work.
Q1
Does Practice's data and Presence's data produce one risk profile per person, or two separate data streams?
Signal – exposes two-tools vs intelligence engine
Q2
When a new attack pattern emerges outside your walls, how does the platform know which employees' risk just changed?
Signal – exposes no OSINT correlation
Q3
Which IdPs do you support today, and what happens if we move off Microsoft Entra in the future?
Provisioning – exposes Microsoft-only lock-in
Q4
Who are your five highest-risk individuals today, and what makes each of them high-risk?
Persona – exposes cohort-only reporting
Q5
How does the platform prove effectiveness under NIS2 Article 21 – that risk reduced, not just that training happened?
Compliance – exposes training-vs-evidence gap
Q6
Does an insider-threat alert on an employee change how they get trained in Practice?
Signal – exposes no cross-product intelligence