EU NIS2 DIRECTIVE 2022/2555 · ARTICLE 21

The fastest way to
prove NIS2 vendor
compliance.

European enterprises are legally required to document the security posture of every third-party vendor under NIS2 Article 21. NIS2Engine automatically scans your vendors, scores them 0-100, and generates court-ready PDF audit evidence — replacing €20,000/year in consultant fees.

NIS2 enforcement is active. Fines reach €10,000,000 or 2% of global annual turnover for non-compliance.

Passive OSINT only
No vendor notification
Fully GDPR compliant
No credentials required
NIS2 Assessment Report
LIVE SCAN DATA
stripe.com
Assessment Date: 27 Jun 2026 · Report ID: NIS2-4821
100
A
Risk Level: Low
TLS 1.3 supported
+5 pts
DMARC policy: reject
+8 pts
DNSSEC not enabled
−5 pts
+ 14 more findings in full report
Score Breakdown
100 / 100
18
NIS2 sectors covered
21+
technical checks per scan
5
languages for remediation letters
TRY IT FREE · NO SIGNUP REQUIRED

Scan Any Vendor in 30 Seconds

Passive OSINT only. We check TLS, DNS, email security, threat intelligence and 21+ controls. No login required.

Scans are passive external checks only — consistent with standard security research practices.

EVERYTHING YOU NEED FOR ARTICLE 21

Built for Compliance Teams

Replace expensive consultants and manual spreadsheets with continuous, automated auditing.

Passive OSINT Scanning

100% legal, non-intrusive scans that evaluate 21+ security controls from the outside in.

Deterministic Scoring

Same input always produces same output. No AI black box. Every deduction explained and auditable.

Court-Ready PDF Scorecards

Timestamped PDF reports with full audit trail — ready to present to regulators or your board.

Monthly Automation

Set it and forget it. Your entire vendor portfolio is automatically rescanned and reported monthly.

Remediation Letters

Generate formal legal notices for non-compliant vendors in 5 EU languages at one click.

Threat Intelligence

Integrated with 6 premium sources including Shodan, AbuseIPDB, AlienVault OTX and Google Safe Browsing.

Transparent Pricing

Choose the plan that fits your supply chain size.

Free Trial
0€ for 14 days

Test the engine on a small scale before committing.

Up to 5 vendors
1 PDF download total
Manual scans only
No credit card required
Start Free Trial
Starter
€199/month

Perfect for small companies tracking a core group of vendors.

Up to 10 vendors
Unlimited PDF downloads
Monthly automated scans
Email support
Start Starter Plan
★ MOST POPULAR
Professional
€499/month

For scale-ups and mid-market companies with complex supply chains.

Up to 50 vendors
Unlimited PDF downloads
Weekly automated scans
Remediation Letters (5 langs)
API Access & Priority support
Start Professional
Enterprise
Custom

For large enterprises requiring white-glove onboarding.

Unlimited vendors
Daily automated scans
Custom SLA
Dedicated Account Manager
White-label reports
Contact Sales

Frequently Asked Questions

Is passive OSINT scanning legal in the EU?
Yes. Our scanning methodology exclusively uses public, non-intrusive data sources and does not interact with internal systems. This is standard security research practice and is fully compliant with European law.
How is this different from hiring a consultant?
Does NIS2 Article 21 actually require vendor assessments?
How is the security score calculated?
What happens if a vendor drops to Grade F?
Can I white-label the PDF reports?
How do remediation letters work?
Is my vendor data stored or shared?