Deadline passed

NIS2 compliance without the complexity

The EU NIS2 directive mandates cybersecurity risk management for essential and important entities. Our managed security stack covers detection, response, and reporting — so you can meet requirements without building a SOC from scratch.

Assess your NIS2 readiness View our security tools

What is NIS2?

The Network and Information Security Directive 2 (NIS2) is an EU-wide cybersecurity regulation replacing the original NIS directive. It expands the scope from ~100 operators to over 160,000 entities that must implement cybersecurity measures and report incidents.

Transposition deadline

17 October 2024 (now in effect)

Scope

Essential & important entities across 18 sectors

Penalties

Up to 10M EUR or 2% of global turnover

Incident reporting

24h early warning, 72h full notification

Key NIS2 requirements

Article 21 mandates these cybersecurity risk-management measures. Here's how our managed stack maps to each one.

Risk analysis & information security policies

Vulnerability scanning with GVM/OpenVAS, continuous monitoring with Wazuh SIEM

Incident handling

Wazuh for incident detection and response, automated playbooks, full audit trail for regulators

Business continuity & crisis management

Automated daily backups, disaster recovery to Falkenstein DC, monitoring with alerting

Supply chain security

100% open-source stack — audit the code, no proprietary black boxes, no SSPL/BUSL surprises

Network & information systems security

CrowdSec for intrusion prevention, Velociraptor for endpoint detection and forensics

Effectiveness assessment

Scheduled vulnerability scans, compliance dashboards, exportable reports for auditors

Your NIS2 security stack

Six managed tools that together cover the full NIS2 compliance surface.

SIEM / XDR

Wazuh

Enterprise SIEM & XDR — without the enterprise price tag

from $80 /mo

IDS / IPS

CrowdSec

Collaborative intrusion prevention powered by the crowd

from $25 /mo

Vulnerability Scanning

GVM/OpenVAS

Enterprise vulnerability scanning for compliance-driven teams

from $30 /mo

Endpoint Detection & Forensics

Velociraptor

Endpoint detection, forensics, and threat hunting at scale

from $30 /mo

Vulnerability Management

DefectDojo

Application security and vulnerability management

from $20 /mo

Your path to NIS2 compliance

Week 1: Assessment

We review your current security posture and identify gaps against NIS2 requirements.

Week 2: Deployment

We provision your managed security stack on German infrastructure. SIEM, IDS, vulnerability scanning — all configured for your environment.

Week 3-4: Integration

Agent rollout, log source integration, alert tuning, and incident response workflow setup.

Ongoing: Managed operations

We handle updates, rule tuning, backup verification, and uptime monitoring. You get compliance dashboards and audit-ready reports.

The NIS2 deadline has passed

Organizations must already be in compliance. Close your gaps now — enforcement is underway.

Talk to us about NIS2