Three places we differ. Three things to say.
Signal
Proofpoint's VAP signal comes from email attack telemetry — everything outside the inbox is invisible. Moxso's Human Risk Intelligence reads three signals: what your people actually do (Human), what threats are targeting your industry right now including breach exposure (World), and who each person is and what they're accountable for (Organisation).
Persona
Their VAP groups people into Very Attacked People at population level. Ours produces individual risk profiles.
Compliance
Their compliance training proves training was delivered. Ours produces NIS2 evidence at audit level — proof that controls are working, not just that training happened.
Impact
Email signal shows who gets attacked by email. HRI shows where risk is concentrating across the whole workday.
Impact
Population-level grouping tells you who to train. Individual trajectory shows whether risk is going up or down.
Impact
Training delivery records answer programme questions. NIS2 evidence answers regulator questions. Different outputs.
Ask
What does the platform see outside the inbox — and does it track what's targeting your industry right now?
Ask
Can the platform produce a 90-day individual risk trajectory at role level today?
Ask
What does Security Awareness produce for an EU NIS2 auditor at the Article 21(2)(f) level?