Managed Security Services
We deploy, configure, and manage the security platform — from vulnerability scanning to compliance reporting. AI-driven automation keeps you protected around the clock. Our team is there when you need us.
The compliance reality
Since 1 July 2025, NIS2 is Danish law — formally Lov om foranstaltninger til sikring af et højt cybersikkerhedsniveau (LOV nr 434). Registration on Virk.dk closed 1 October 2025. Audits by SAMSIK and sector authorities are underway.
The requirements are concrete: implement risk management measures proportionate to your profile, report significant incidents within 24 hours (full report in 72, final in 30 days), manage supply chain security, and maintain documented evidence of compliance. Management is personally accountable under Section 6 of the Act.
The threat landscape underscores why. CFCS rates cybercrime and cyber espionage threats against Denmark as MEGET HØJ (very high). State-sponsored activity targeting Nordic infrastructure continues to increase. These are facts, not forecasts — and they are exactly the kind of risks NIS2 was designed to address.
We deploy and configure the platform for you, and scale our involvement to match your needs — from initial setup and training through to fully managed operations.
Risk management measures — Technical, operational, and organisational controls proportionate to your risk profile
Incident reporting — Early warning within 24 hours, full incident report within 72 hours, final report within one month
Supply chain security — Assess and manage risks from suppliers and service providers
Documented evidence — Demonstrate compliance with audit-ready documentation and evidence trails
Management accountability — Executive liability for gross negligence in security governance (Art. 20)
Non-compliance penalties: Up to €10M or 2% of global revenue for essential entities. Up to €7M or 1.4% for important entities.
What you get
From threat detection to compliance reporting. We deploy and configure it all — you choose how much ongoing management you need from us.
Alerts from CheckMK, Wazuh, and other sources are ingested and analysed by AI. Severity scoring, remediation proposals, and MFA-gated execution — with full audit trail.
Automated attack surface discovery with Nmap. Continuous scanning with OpenVAS, ZAProxy, and Nuclei. Findings tracked over time with prioritised remediation guidance.
Evaluate systems against CIS Benchmarks, NIST CSF 2.0, ISO 27001 Annex A, and PCI DSS. Track maturity progression from baseline to optimised.
Git-synced playbooks for Linux and Windows. Scheduled execution, tag-based targeting, real-time monitoring — all GPG-signed and fully auditable.
Article-by-article tracking mapped to NIST CSF and ISO 27001. Automated gap analysis, continuous evidence collection, and export-ready audit reports.
Single pane of glass across your CheckMK instances. Alert correlation, ad-hoc investigation queries, and event-driven escalation across your entire estate.
NIS2 Compliance
A structured approach to NIS2 compliance that integrates into your daily operations — not a one-off project that gathers dust.
Map your controls directly to NIS2 articles 20–23. See exactly where you stand on each requirement.
Agents continuously collect compliance data from your infrastructure. Evidence is always current, never stale.
Identify gaps between your current posture and NIS2 requirements. Get prioritised recommendations for remediation.
Generate audit-ready compliance reports for your sector authority. Formatted, complete, and backed by evidence.
Cross-reference NIS2 requirements with NIST CSF, ISO 27001, and CIS controls. One assessment, multiple frameworks.
Not a one-time checkbox. We continuously monitor and maintain your compliance posture as your infrastructure evolves.
Maps to industry frameworks
Getting started
We handle setup and configuration on every plan. From there, you choose how much ongoing support you need — from self-service to fully managed.
We deploy agents across your infrastructure — Linux, Windows, or pre-built OVA appliances. Scanners, integrations, and policies configured for your environment.
Network discovery, vulnerability scans, and security hardening assessments run automatically. You get a complete picture of your estate and compliance posture.
AI-driven automation monitors and responds around the clock. Your team has full dashboard access. Scale up our involvement as your needs grow.
Under the hood
Purpose-built for security, auditability, and transparency. You always have full visibility into what the platform is doing.
Claude and GPT integration for alert analysis, playbook explanation, and compliance recommendations.
Remediation actions require Duo MFA approval. No automated change happens without human confirmation.
Every playbook is cryptographically signed before execution. Agents verify signatures — tampered payloads are rejected.
Credentials managed through 1Password Connect. Zero secrets in configuration files or environment variables.
Microsoft Entra ID integration with 15+ granular permission categories. Read, Write, and Admin per resource type.
Playbooks and security policies synced from GitHub or GitLab. Version-controlled, reviewable, auditable.
Deployment
We deploy where your infrastructure lives. Cloud, on-premise, or both — included on every plan.
Dashboard and API run on Cloudflare's global edge network. Zero infrastructure to manage, automatic scaling, built-in DDoS protection.
Pre-built OVA appliances deploy to VMware ESXi in minutes. Purpose-built for environments that require on-premise scanning or air-gapped operation.
Service plans
Every plan includes full platform access, agent deployment, and our team managing your security operations. Choose the scope that fits.
We deploy and configure the platform. Your team operates it day-to-day with our support.
Co-managed operations. We handle security monitoring, scanning, and compliance — your team stays in control.
Full managed operations. We run your security programme end-to-end with dedicated resources.
Book a 30-minute call. We'll look at your infrastructure, discuss your compliance requirements, and show you the platform.
Or email us directly at hello@operationsdashboard.com