For municipalities and cities

Your municipality must report attacks. Korix delivers the proof of your due diligence.

Since 1 April 2025, the revised Information Security Act obliges municipalities. Korix tests your attack surface continuously and documents it automatically, without extra staff.

The reporting duty is binding, and the attack almost always begins with a person.

It's not technology that's the most common entry point, but your people. And invoice and identity fraud deliberately targets administrations. This is exactly the attack surface you must continuously test and document.

24h
to report an attack to the NCSC.
CHF 100k
possible fine for non-compliance.
+35%
more invoice and identity fraud in 2025, deliberately hitting administrations.

How Korix proves your due diligence

Kora runs the entire program, so you have the proof without assigning anyone to it.

1

Runs on its own

Kora plans and runs the tests autonomously, week after week, without your involvement.

2

Audit-ready evidence

Continuous, gap-free documentation of your risk tests, ready to present to oversight and audit at any time.

3

Locally relevant

Invoice and identity fraud that deliberately targets administrations is also tested realistically.

Proof you can present directly

Quarter after quarter, a report for the council, oversight or audit, generated automatically.

EVIDENCE REPORT Q3 2026
Durchgeführte Tests12 / 12
Abgedeckte Mitarbeitende100%
Meldequote61%
Status MeldepflichtBelegt

An AI that attacks my team? Yes, under your control.

Hosted in Switzerland
Your data stays here.
Bounded and reversible
Every test is controlled and without lasting consequences.
You stay in control
You set the scope, pace and limits.

Show your due diligence before the next report is due.

A short setup, and Kora delivers your first proof within days.

Book a demo