NIS2 Compliance
Made Simple & Automated.
The EU NIS2 Directive has been mandatory since October 2024. Automate your continuous DNS monitoring evidence and avoid penalties up to €10M — with ZeroHook.
Active Monitors
LIVEContinuous surveillance of your domains for DNS changes, typosquatting, and certificate transparency.
Understanding NIS2
What is the NIS2 Directive?
The Network and Information Systems Directive 2 (NIS2) is an EU-wide cybersecurity regulation that mandates specific security measures for organizations in essential and important sectors. It requires continuous monitoring, incident detection, and evidence-based compliance reporting.
Key Requirement:Organizations must demonstrate “continuous monitoring” of their DNS infrastructure. One-time audits are not sufficient — you need 24/7 surveillance with historical evidence.
- Applies to all EU entities and critical sectors
- Mandatory since October 17, 2024
- Requires continuous DNS security monitoring
- Evidence collection for regulatory audits
- Penalties up to €10M or 2% global revenue
Maximum Fine for Non-Compliance
or 2% of global annual revenue — whichever is higher
- Temporary ban from operating in the EU
- Public disclosure of violations
- Personal liability for executives
- Mandatory third-party security audit
ZeroHook Compliance Evidence Pack costs €1,910/year — vs. a potential €10M fine.
Simple. Automated. Audit-Ready.
Three steps from setup to compliance evidence — without touching a spreadsheet.
Always-on surveillance — every 15 minutes.
ZeroHook watches your DNS infrastructure around the clock. Automated scans detect configuration drift, blacklist additions, and certificate expiries before regulators — or attackers — do.
Who Does NIS2 Apply To?
NIS2 covers a significantly broader range of sectors than the original Directive — if you're unsure, you're probably in scope.
Essential Entities
- Energy (electricity, oil, gas)
- Transport (air, rail, road)
- Banking & financial markets
- Healthcare & pharmaceuticals
- Drinking water & wastewater
- Digital infrastructure
Important Entities
- Postal & courier services
- Waste management
- Chemicals manufacturing
- Food production
- Medical devices
- Digital providers (cloud, SaaS)
Size Thresholds
- Medium: 50–249 employees
- Large: 250+ employees
- Annual turnover > €10M
- Balance sheet > €43M
- Smaller entities if critical
- Subsidiaries of EU entities
Everything NIS2 demands. Automated.
Article 21 mandates specific DNS security controls. ZeroHook checks all of them — continuously.
Email Authentication
SPF, DKIM, and DMARC must be correctly configured and continuously monitored. Misconfiguration opens the door to domain spoofing and phishing.
Article 21(2)(i): Anti-spoofing measuresDNSSEC Validation
DNS Security Extensions protect against cache poisoning and DNS hijacking. NIS2 explicitly requires cryptographic validation of DNS records.
Article 21(2)(h): DNS securityDNS Infrastructure Integrity
Zone transfer controls, subdomain takeover prevention, and nameserver health must be continuously audited to prevent infrastructure compromise.
Article 21(2)(f): Network integrityContinuous Monitoring
24/7 automated surveillance of your DNS posture. NIS2 explicitly prohibits point-in-time audits — continuous evidence is mandatory.
Article 21(2)(b): Continuous monitoringIncident Detection & Response
Real-time alerts for DNS hijacking, blacklist additions, and configuration drift. Detect threats in 15 minutes, not 15 days.
Article 23: Incident detectionEvidence & Audit Trail
Regulators require tamper-proof logs of your security posture over time. Every ZeroHook scan produces a signed, immutable evidence record.
Article 21(2)(d): Evidence collectionFrom Weeks to Minutes.
Traditional NIS2 compliance prep takes 3–5 weeks of manual work. ZeroHook collapses it to one click.
35-Point Audit
Every NIS2-relevant DNS check in one scan — SPF, DKIM, DMARC, DNSSEC, MTA-STS and more.
Always-On Monitoring
Automated scans every 15 minutes. Alerts reach you before clients or regulators notice.
One-Click Reports
Download a full PDF compliance report with tamper-proof evidence chain in seconds.
Compliance Score
Track your NIS2 readiness score over time and demonstrate continuous improvement to auditors.
Ready to Automate NIS2 Compliance?
Join 200+ EU organizations using ZeroHook to avoid €10M fines — with automated evidence collection and one-click compliance reports.