CoreBit & NIS2
NIS2 is an EU directive that places obligations on organisations — it isn't a certification a product earns. CoreBit won't make you "NIS2 compliant" on its own, but it's a strong supporting control for several of the directive's technical risk-management measures (Article 21).
Here's where CoreBit helps directly. The remaining pieces auditors typically ask for — a full audit trail, central log forwarding, and single sign-on — are planned for the upcoming Enterprise tier.
| NIS2 measure | How CoreBit helps | Status |
|---|---|---|
| Asset & network inventory | Living topology maps, IPAM, VLAN inventory and MAC tables — a source of truth that maintains itself. | Available now |
| Detection & monitoring | Continuous device and service probing, status history, and metric/probe alarms. | Available now |
| Incident response | Notifications across Telegram, Slack, e-mail and webhooks, with on-duty scheduling so the right person is alerted. | Available now |
| Business continuity & backups | Manual and scheduled backups with retention. | Available now |
| Vulnerability handling | Authorised, non-destructive scanning (nmap, nuclei, testssl.sh, nikto) saved as reports. | Available now |
| Access control & MFA | Role-based access, two-factor authentication (TOTP), scoped API keys, and hashed credentials. | Available now |
| Audit trail | A dedicated log of who signed in and who changed what, with retention and export. | Enterprise · planned |
| Central logging | Forward events to your SIEM over syslog for aggregation and long-term retention. | Enterprise · planned |
| Identity integration | Single sign-on (SAML / OIDC) for central identity and deprovisioning. | Enterprise · planned |
What's out of scope
NIS2 is broader than any monitoring tool: risk assessments, written policies, supply-chain vetting, staff training, cryptography policy and incident reporting to your national authority are organisational tasks CoreBit doesn't replace. CoreBit covers the network-monitoring, asset and access slice — and covers it well.
Not legal advice
This is guidance, not legal advice. NIS2 is transposed into national law per member state — confirm the specifics for your country, and where needed with a compliance advisor.
Map your network today
Install the free edition on your own hardware and have your first devices on a map in minutes.
curl -fsSL https://licensing.corebit.ease.dk/install.sh | sudo bash -s