Compliance Engine

NIS2. NIST CSF. CIS Controls.
Automated. Always current.

XDRagon Monitor maps your live security telemetry directly to NIS2 Article 21, NIST CSF 2.0, and CIS Controls v8.1 — continuously. No manual worksheets. Your compliance posture is scored, evidenced, and audit-ready at all times — and when an incident hits, guided wizards draft your NIS2 Article 23 and GDPR Article 33 notifications before the deadlines run out.

3
Frameworks Covered
Live
Continuous Scoring
Auto
Evidence Collection
1-click
Audit Export
24h/72h
Report Deadlines Tracked
Real-Time Posture.

Your compliance posture.
Continuously scored.

Live framework scoring Scores update as your security posture changes — new events, new evidence, new gaps — all reflected in real time.
Auto-generated evidence packages Every relevant event is captured, timestamped, and attached to the corresponding control item automatically.
Human-in-the-loop approval Evidence waits for a named reviewer to approve before it enters the audit package. Full chain of custody maintained.
One-click audit export Approved evidence, framework scores, and gap analysis bundled into a structured ZIP package ready for your auditor.
AI remediation guidance Every open gap comes with a context-aware AI recommendation — grounded in your actual telemetry, not generic advice.
82%
NIS2
84%
NIST CSF
78%
CIS v8.1

Example scores from a demo environment — your dashboard shows your live posture.

Evidence log — last 7 days
12 items
NIS2 §21 — Incident detection evidence package generated and approved
CIS Control 8 — Audit log retention verified (365 days)
NIST ID.AM-1 — Asset inventory exported and approved by reviewer
NIS2 §23 — 72-hour reporting readiness confirmed
NIST DE.AE-2 — 847 security events analysed and classified
Example entries from a demo environment — your evidence log reflects your own network.
MITRE Coverage
COMPLIANCE PIPELINE

NIS2 evidence pipeline — automated audit trail from alert to report

NIS2 compliance evidence pipeline diagram
NIS2. NIST. CIS.

Three frameworks. One platform.

XDRagon Monitor maps your live security posture to three major compliance frameworks simultaneously. Controls are auto-scored from your existing telemetry — no additional data collection required. GDPR Article 33 breach reporting and ISO 27001 evidence export build on the same engine — covered below.

NIS2 Directive
NIS2 Article 21
The EU Network and Information Security Directive 2 mandates risk management and incident handling for essential and important entities. XDRagon Monitor automates evidence collection for all 10 Article 21 measures.
Article-by-article gap analysis
§21 measure auto-scoring
72-hour reporting readiness check
Incident detection evidence
Supply chain risk visibility
NIST Framework
NIST CSF 2.0
The NIST Cybersecurity Framework 2.0 introduces a new Govern function alongside the original five. XDRagon Monitor maps telemetry and operational data to all six functions and their subcategories.
All 6 functions mapped: GV, ID, PR, DE, RS, RC
Subcategory-level scoring
Asset inventory auto-export
Detection coverage mapping
Response plan readiness
CIS Controls
CIS Controls v8.1
The Center for Internet Security Controls v8.1 consolidates previous controls into 18 priority-ordered safeguards. XDRagon Monitor provides automated coverage evidence for the controls most relevant to monitored infrastructure.
18 control families assessed
Implementation group alignment (IG1/IG2/IG3)
Audit log evidence (Control 8)
Malware defenses visibility (Control 10)
Network monitoring evidence (Control 13)
Report On Time.

When an incident hits, a legal clock starts.

NIS2 gives you 24 hours to send an early warning and 72 hours for a full notification. GDPR gives you 72 hours to notify the Danish Data Protection Agency of a personal data breach. XDRagon Monitor turns both into guided wizards that draft the report from your own incident data — so the paperwork never competes with the response.

Incident Reporting
NIS2 Article 23 report wizard
24h early warning72h notification1 month final report
A guided wizard walks you from incident to submitted report: pick the incident, review an AI-drafted notification built from your own event data, and export a ready-to-send PDF — with a live countdown for every deadline so nothing slips.
AI drafts the report from your incident record — you review every word
Deadline countdown for the 24-hour, 72-hour, and one-month reports
Preview the PDF in-app before anything is sent
Addressed to your national CSIRT — CFCS in Denmark
Breach Notification
GDPR Article 33 breach wizard
72h to notify Datatilsynet
If personal data may have been exposed, you have 72 hours to notify the Danish Data Protection Agency (Datatilsynet). The wizard drafts the notification from the incident, counts down the deadline, and keeps your draft safe so you can pause and resume.
AI-drafted notification, ready for Datatilsynet
72-hour countdown with clear urgency warnings
Drafts saved server-side — resume where you left off
Export as PDF or mark as submitted
Evidence Export
ISO 27001 evidence export
Asked for ISO 27001 evidence by a customer, or working towards certification? Export everything the platform has collected, mapped to the ISO 27001 Annex A structure, as one organised ZIP.
Evidence mapped to ISO 27001 Annex A sections
Reuses evidence already collected for NIS2 — no duplicate work
Sections without evidence are honestly marked, never padded
One structured ZIP for your auditor or customer
Audit Readiness
Audit Readiness Score
One number that answers the question every owner asks: "If an auditor called tomorrow, how ready are we?" The score combines evidence freshness, policy approvals, vendor assessments, open critical risks, maturity trend, and report age — and shows exactly which gaps to close first.
Single readiness score on your compliance dashboard
Colour-coded breakdown of what is holding it back
Concrete gaps with clear next steps — not vague advice
Improves visibly as you close each gap
Danish Onboarding
CVR-based onboarding
Danish company? Type in your CVR number and the setup wizard pre-fills your company details from the national business register. A guided four-step flow gets your entity profile right, with plain-language explanations of every NIS2 term along the way.
CVR lookup auto-fills your company data
Guided four-step entity setup
Plain-language tooltips for Article 21, Annex I/II, and implementation groups
Written for owners, not lawyers
The Full Toolkit.

Everything an auditor asks about. One place.

Compliance is more than a score. XDRagon Monitor keeps the working documents auditors and customers actually ask for — maintained by the same platform that watches your network.

Gap analysisSee exactly which requirements you already meet and which need work — per framework, in plain language.
Risk registerRecord and track your security risks in one place, with owners and status — the document every audit starts with.
Policy wizardBuild the written security policies the frameworks expect, step by step, instead of starting from a blank page.
Vendor riskTrack your suppliers and their assessments, so supply-chain questions have documented answers.
Maturity assessmentMeasure how your security practices develop over time — useful for the board as well as the auditor.
Training registerDocument who on your team completed security awareness training, and when.
Compliance historySee how your posture has moved month by month — proof of steady improvement, not just a snapshot.
Evidence collected once, used everywhereThe same automatically collected evidence powers NIS2, NIST CSF, CIS Controls, and the ISO 27001 export — no duplicate paperwork.
A head start — not a replacement for professional advice. XDRagon Monitor organises your evidence, drafts your reports, and shows you your gaps, so you walk into any audit or advisory meeting with the homework done. For binding interpretations of your NIS2 or GDPR obligations, involve your legal or audit advisor.
Map. Collect. Prove.

From live telemetry to audit-ready evidence in four steps.

1
Detect
XDRagon Monitor captures relevant security events from network, endpoint, and DNS sources continuously. Every event is timestamped and stored.
2
Map
Each event is automatically mapped to one or more compliance controls across NIS2, NIST CSF, and CIS Controls. Scoring is updated immediately.
3
Approve
A named reviewer approves each evidence item in the workflow. Full chain of custody is maintained — who approved what, and when.
4
Export
One click generates the audit ZIP package — structured evidence, framework scores, gap analysis, and remediation recommendations.
Intelligent Guidance.

Context-aware guidance.
Not generic checklists.

For every compliance gap, XDRagon Monitor' AI advisor analyses your actual security telemetry — your network traffic patterns, your endpoint events, your specific vulnerabilities — and produces a remediation plan that makes sense for your environment.

Grounded in your telemetry Recommendations reference your actual event history, not hypothetical scenarios.
Prioritised by risk impact Gaps with active threat indicators are escalated above theoretical risk items.
Runs entirely on-premises All AI remediation analysis uses your local LLM. Your compliance data never leaves your infrastructure.
AI Remediation Recommendation
NIS2 Art. 21(2)(b) — Incident handling: Response procedure not documented
Gap ref: NIS2-21-2b · Severity: Medium · NIST mapping: RS.RP-1
Based on your incident history over the past 30 days, 14 events were detected but no formal response workflow was triggered. Your current setup lacks a documented escalation path from detection to containment. Recommended action: create a runbook that maps alert severity levels (Critical/High/Medium) to named escalation contacts and response timelines. This addresses NIS2 §21(2)(b) and NIST RS.RP-1 simultaneously. Evidence auto-collected: alert timeline, response time metrics, analyst action log.
Example recommendation from a demo environment — in your dashboard, recommendations are generated from your own telemetry.
Platform Numbers

Compliance at scale

3
Frameworks
NIS2, NIST CSF 2.0, CIS Controls v8.1 — plus GDPR Art. 33 reporting and ISO 27001 export
100%
Automated Evidence
No manual evidence collection for mapped controls
1
Click to Export
Full audit ZIP package — evidence, scores, gap analysis
0
Data Leaves Premises
All compliance processing runs on your infrastructure

Compliance that runs itself.

Deploy XDRagon Monitor and have your NIS2, NIST, and CIS compliance scoring live within the hour — no manual setup required.