Detection, analysis, containment and response to incidents
According to NIS2, you must implement certain cybersecurity measures to manage the risks to the security of your network and information systems and to minimize the impact of security incidents. You must protect IT infrastructures and their physical environment ("all-hazards approach"). You should use a risk-based approach to determine exactly how much is appropriate.
NIS-2 certificate
Penetration testing, or pentesting, is an essential part of the NIS-2 guideline. A quarter of the entire NIS-2 reporting consists of the documentation of how often and when which pentests were carried out and with what results.
DEFENDERBOX as NIS-2 cornerstone
Our DEFENDERBOX is NIS-2 compliant, i.e. the DEFENDERBOX reports document exactly all pentests that are considered NIS-2 certification and an essential component for NIS-2 audits.
DEFENDERBOX NIS-2 Reporting
After the first pentest, the initial report for the NIS-2 certificate is listed in detail
- which devices, networks and environments were scanned from the outside and inside
- where, which vulnerabilities were found
- which security gaps have been checked
to create an overall picture of your company's cyber security situation.
In the further weekly or monthly scans with the DEFENDERBOX, a NIS-2-compliant quarterly report is created that documents exactly what
- which users
- which computer or
- Which devices
have carried out. All of these reports are reviewed and approved by a data protection officer.
Act now!
Are you ready for NIS-2? Our DEFENDERBOX will help you! Strengthen the resilience of your SME NIS-2 compliant against hacker attacks.
Would you like to know how secure your company already is? Find out with our "Find & Fix" offer! So that you feel secure again.
Download our NIS-2 checklist "10 steps to compliance with the NIS-2 directive" here and check how you can increase your cyber security.
What is NIS-2
NIS stands for "Network and Information Security". The NIS-1 directive has been in force since 2016 and regulates the measures taken by companies and institutions that fall underKRITIS (operators of critical infrastructures).
The more far-reaching NIS-2 directive comes into force in October 2024 and affects far more companies than NIS-1, as this directive obliges EU companies to comply with stricter cybersecurity standards with additional requirements for IT information security.
Current contributions
- Over 80% critical security vulnerabilitiesAlarming results from our IHK cooperation on IT security at companies! Which critical security gaps were found in our pentests?
- "Find & Fix" campaign to get to know each otherProtect your company and find out which security gaps or vulnerabilities exist in your IT.
- New DEFENDERBOX featureAfter each pentest (penetration test) with the DEFENDERBOX, our customers receive an email informing them of the status of the result.
- DEFENDERBOX NIS-2 compliantOur DEFENDERBOX is NIS-2 compliant, i.e. the DEFENDERBOX reports document exactly all pentests that are valid as NIS-2 certification for the NIS-2 audits.
- Targeted by cyber criminalsIf law firms fall victim to blackmail cyber attacks, the damage is particularly high. This is why ransoms are often paid. Investments in cyber security and insurance offer protection.
Do you want to know how secure your company is? Try it out! Click here for a test installation of the DEFENDERBOX.
The "Find & Fix" trial offer is valid until
30. September 2024.