Three places we differ. Three things to say.
Cadence
Their analytics refresh twice daily at 04:30 and 16:30 CET, confirmed in their docs. Ours runs continuously.
Signal
SoSafe's Human Risk OS is Ultimate-only and 'coming soon' per their own ProductDoc — and when it ships, it will still be built on their own training and simulation outputs. No OSINT, no breach exposure monitoring. Moxso's Human Risk Intelligence runs three native signals at every tier: what your people actually do, what threats are targeting your industry right now, and who each person is in the organisation.
Compliance
Their compliance content is a paid add-on in every tier. Our NIS2 evidence is native to the licence.
Impact
A phishing wave hits at 09:00. Their dashboard moves at 16:30. The Security Leader speaks to yesterday's picture.
Impact
A risk score built only on training outputs tells you how people performed in your programme. HRI tells you how risk is changing in the real world.
Impact
NIS2 needs proof that controls are working — not just that training happened. An add-on content module is a billing line, not evidence.
Ask
When does the risk number actually move after an event, continuously or at the next batch window?
Say
Show the Security Leader the HRI dashboard that tracks how risk is changing — on the licence they actually bought today.
Ask
When the auditor asks for evidence at role level, is that in your tier or a separate add-on?