NIS2 Important Entity Readiness Platform

One Platform.
Total Risk Clarity.

comply/respond 2.0 is a cyber risk operating system that unifies external exposure, credential breaches, vendor risk, and AI compliance automation — powered by the Unified Cyber Exposure Index.

77
Avg. Exposure Index
180K+
NIS2 Entities by Aug 2026
AI-First
Compliance Automation
Trusted by
180K+
Organisations required to comply with NIS2
€10M
Maximum fine for non-compliance
12
Security domains in our NIS2 framework
AI
Auto-completion from evidence documents
Platform Capabilities
The Cyber Risk Operating System
Four dimensions of intelligence. One unified exposure score.
🌐

External Attack Surface

Nessus and OWASP ZAP scan your perimeter continuously, pushing scores to the Unified Cyber Exposure Index.

🌑

Deep & Dark Web

Real-time monitoring for credential breaches, exposed emails, and threat actor activity targeting your organisation.

📧

Email Authentication

Automated DMARC, DKIM and SPF analysis returns risk metrics immediately on signup.

📋

AI Compliance Automation

Upload evidence and let the AI agent auto-complete your questionnaires — NIS2, Joint Standard 2, ISO 27001.

🔗

Supply Chain Cascade

When a vendor breach occurs, AI models cascade probability across your supply chain instantly.

🏢

Vendor Risk Management

Apply the same metrics to third parties. They see their own exposure; you see theirs.

NIS2 Deadline: August 2026

Get compliant before it's too late.

180,000+ organisations need to be NIS2 compliant. Get your score today — it's free.

comply/respond 2.0
© 2026 comply/respond 2.0. All rights reserved.
EU Directive 2022/2555 · Deadline: 1 August 2026

Are you NIS2 Ready?

The NIS2 Directive mandates stronger cybersecurity across critical sectors. Over 180,000 organisations must comply or face fines up to €10M.

--
Days
--
Hours
--
Minutes
--
Seconds
What is NIS2?
Europe's toughest cybersecurity law

The NIS2 Directive replaces the original NIS Directive with significantly expanded scope, stricter requirements, and much harsher penalties.

It applies to Essential Entities (energy, transport, banking, health) and Important Entities (postal, chemicals, food, manufacturing).

180K+
Organisations in scope
€10M
Max fine (Essential)
€7M
Max fine (Important)
24h
Incident notification
NIS2 Requirements
12 Security Domains
A

Scope & Organisation

Define your entity scope and organisational context.

B

Governance & Accountability

Board-level cybersecurity oversight.

C

Risk Analysis & Policy

Systematic risk identification and security policy.

D

Incident Handling

Detection, reporting — 24h notification window.

E

Business Continuity

Backup systems and disaster recovery plans.

F

Supply Chain Security

Vendor risk and third-party requirements.

G

Secure Dev & Maintenance

Vulnerability management in development.

H

Effectiveness Measurement

Continuous monitoring of security measures.

I

Cyber Hygiene & Training

Basic hygiene and employee awareness.

J

Cryptography & Encryption

Policies on cryptography use and data encryption.

K

HR, Access & Assets

HR security, access control, asset management.

L

MFA & Communications

Multi-factor authentication and secure comms.

Non-Compliance Penalties
The cost of not being ready
Essential Entities
€10M
or
2% global turnover
Energy, transport, banking, health, digital infrastructure, public administration, space.
Important Entities
€7M
or
1.4% global turnover
Postal, waste, chemicals, food, manufacturing, digital providers, research.
1 August 2026 — Don't wait

Start your NIS2 assessment today.

33 questions. ~20 minutes. AI-assisted. Get your readiness score instantly.

comply/respond 2.0
© 2026 comply/respond 2.0.
Product Roadmap
Building the future of cyber risk
Our development timeline built around the NIS2 August 2026 deadline.
Legend:LiveCompletedIn DevelopmentPlanned
Q1 2025
Completed

Platform Foundation

Core architecture, portals, questionnaire engine, and the Unified Cyber Exposure Index framework.

Completed
Q2 2025
Completed

Email Auth & Dark Web Monitoring

Automated DMARC/DKIM/SPF scoring and real-time dark web credential monitoring on signup.

Completed
Q3 2025
Completed

External Attack Surface Scanning

Nessus and OWASP ZAP integration for continuous external vulnerability scanning and CVE tracking.

Completed
Q4 2025
Live now

NIS2 Readiness Assessment — 12 Domains

Full 33-question NIS2 readiness assessment with AI-assisted completion and compliance scoring.

Live
Q1 2026
In development

Supply Chain Cascade Intelligence

AI-powered breach cascade modelling across your specific vendor network with real-time alerts.

In Development
Q2 2026
Planned

Joint Standard 2 (FSCA) Compliance

Full JS2 questionnaire framework for South African financial institutions with automated completion.

Planned
Aug 2026
Deadline

NIS2 Compliance Deadline

All entities in scope must demonstrate NIS2 compliance. comply/respond 2.0 generates regulator-ready reports for all customers ahead of this date.

Critical Date

Shape the roadmap.

We build for our customers. Tell us what you need before August 2026.

comply/respond 2.0
© 2026 comply/respond 2.0.
Simple, Transparent Pricing
Start free. Scale when you're ready.
All plans include your Unified Cyber Exposure Index score. No hidden fees. Cancel anytime.
Monthly
Annual Save 20%
Free Trial
0 / month

Perfect for evaluating your cyber exposure. No credit card required.

  • Unified Cyber Exposure Index
  • Email auth scan (DMARC/DKIM/SPF)
  • Basic dark web monitoring
  • 1 vendor
  • External attack surface scanning
  • AI compliance automation
  • NIS2 assessment
Most Popular
SaaS
299 / month

Full platform access for managing compliance and vendor risk.

  • Everything in Free Trial
  • External attack surface scanning
  • Full dark web & credential monitoring
  • Up to 50 vendors
  • AI compliance automation
  • NIS2 readiness (12 domains)
  • FSCA incident reporting
  • Supply chain cascade intelligence
14-day free trial · No setup fee
Enterprise
999 / month

For large organisations and MSPs needing full supply chain visibility.

  • Everything in SaaS
  • Unlimited vendors
  • Supply chain cascade intelligence
  • Advanced analytics & heatmaps
  • Joint Standard 2 module
  • Dedicated account manager
  • 4-hour SLA support
  • Custom API integrations
FAQ
Common questions
Can I change plans at any time?
Yes — upgrades take effect immediately and are prorated. Downgrades take effect at end of billing cycle.
How does the free trial work?
The SaaS plan includes a 14-day free trial. No credit card required to start.
Is my payment information secure?
All payments processed by Stripe — PCI DSS Level 1 certified. We never store card details.
What happens when I cancel?
Your account stays active until end of billing period. Data retained for 30 days after cancellation.

Ready to get started?

Join organisations taking control of their cyber risk before the NIS2 deadline.

comply/respond 2.0
© 2026 comply/respond 2.0.
✉️

Get in Touch

We'd love to hear from you

📧 hello@comply-respond.ai📞 +27 11 000 0000
comply/respond 2.0
© 2026 comply/respond 2.0.

Create Your Account

comply/respond 2.0 — Unified Cyber Risk Intelligence

Personal Information
Company Information
🔍
Automatic Exposure Scan
On signup we initiate dark web monitoring, email authentication risk and external attack surface scanning automatically.
Already have an account? Sign In
comply/respond 2.0
© 2026 comply/respond 2.0.
Acme Corporation
Customer · SaaS Plan
6
AC
Risk Dashboard
Unified view of your security posture — Acme Corporation
Unified Cyber Exposure Index
77
Acme Corporation
Credential Risk
62
Email Auth
76
Attack Surface
60
Compliance
78
Credential Breaches
23
47 exposed emails
External Vulnerabilities
16
3 critical · 9 high
Active Incidents
6
4 pending follow-up
NIS2 Compliance
72%
7 of 12 domains done
Threat Activity — 30 Days
Live
CriticalHighNormal
Risk Area Status
Dark Web / CredentialsCritical
Email AuthenticationWarning
External Attack SurfaceCritical
Vendor RiskHigh
NIS2 ReadinessIn Progress
Incident ReportingOn Track
Top Priority Alerts
SeverityCategoryAlertDetectedAction
CriticalCredentialsadmin@acme.com found on dark web marketplace1h ago
CriticalAttack SurfaceCVE-2021-44228 (Log4j RCE) — api.acme.com3h ago
CriticalEmail AuthDMARC policy missing on primary domain5h ago
HighVendor RiskTechSupply Ltd — exposure score dropped to 721d ago
MediumNIS2Domain D (Incident Handling) — 3 questions unanswered2d ago
Vendor User
Vendor Portal
★★★★★
VD
Incident Notification
Report an IT, data breach, or operational incident to FSCA
Available Questionnaires
Select a questionnaire to begin. The AI agent can assist with evidence tagging and auto-completion.
In Progress
New RT Questionnaire 2x2
test description
Progress:0%
Available
RK-03-QUX-555.1
Risk tier 3 questionnaire
Available
Questionnaire X00100YC
Test description questionnaire x00100YC
In Progress
TEST QUX 4455
TEST QUX 4455
Progress:100%
Needs Revision
Questionnaire VV0099
Questionnaire VV0099
Progress:0%
Available
QUX-SOFTX-RMD-4983
QUX-SOFTX-RMD-4983
In Progress
CRAS Blue Print
CRAS Blue Print
Progress:1%
Available
RSV-QUX-FILE344
RSV-QUX-FILE344
Reviewer
Reviewer Portal
RV
Review Dashboard
My Claimed Reviews
8
All Claimed Reviews
87
Awaiting Review
18
Total Active Reviews
105
My Claimed Reviews 8
QUX_Test_JAN_V131
Vendor GA · 100% · 10 days ago
Questionnaire Group 3003
Denys Bogdanov · 100% · 21 days ago
Telkom Questionnaire
J VENDOR VV · 100% · 22 days ago
Awaiting Review 18
RK-05-QUX-333.1
VR3 Vendor · SaaS
100%
RSVB-QUX_2893
Denys Bogdanov
100%
QUX-SOFT-49G2
Denys Bogdanov
0%
Review Statistics
My Active Reviews
8
Awaiting Review18
All Claimed87
Completed142
Quick Actions

Send Feedback

Help us improve comply/respond 2.0.