Reglyze
Now live: draft your Pay Transparency compliance in minutes.Explore
AI-first NIS2 compliance for SMEs

NIS2 compliance,
AI-accelerated

Reglyze's AI auto-scopes your NIS2 obligations, drafts your policies, answers inbound vendor questionnaires, and surfaces gaps before auditors do — so SMEs get compliant in hours, not months.

Our own NIS2 evidence: under 1 hourvs. 80–120 hoursSee the evidence
Your country's own framework — not just generic NIS2
FranceReCyFItalyMisure ACNGermanyIT-GrundschutzBelgiumCyFunPortugalQNRCSSpainENSPolandKSC+ every EU/EEA state on NIS2Check your country

One directive, 27 national frameworks

Why NIS2 is a maze — and how Reglyze makes you compliant in your own country's framework, natively, across Europe.

See Reglyze in action

No staging — real captures of the product, on production. Time-lapses are labelled (×8).

Everything you need for NIS2 compliance

Six integrated modules covering every aspect of the NIS2 directive, powered by AI to save you time and reduce costs.

Scoping Wizard
Determine if your organization falls under NIS2 in minutes. AI-guided questionnaire based on sector, size, and services.
Gap Assessment
Comprehensive assessment against all NIS2 controls. Identify gaps and get actionable remediation priorities.
Document Generation
Auto-generate policies, procedures, and compliance documentation tailored to your organization.
Incident Response
NIS2-compliant incident management with automated timelines, notification workflows, and authority reporting.
Supply Chain
Assess and monitor third-party supplier risk. Ensure your supply chain meets NIS2 requirements.
Compliance Dashboard
Real-time compliance posture overview. Track progress, scores, and deadlines in one place.

What Reglyze does — and what stays in your hands

Compliance is shared work. Our AI does the heavy lifting; a handful of legal acts stay yours by law — and we turn each one into a guided, two-minute step.

Reglyze does this for you

Automated
  • Works out your obligations — whether and how NIS2 (or your national law) applies to you
  • Runs your gap assessment and scores your compliance posture
  • Drafts your policies, procedures and audit-ready evidence
  • Tracks your remediation and walks you through every fix, step by step
  • Answers inbound vendor security questionnaires and drafts your incident notifications

This stays with you

Yours by law
  • Registering your entity with your national authority (CSIRT, MyCiber, ACN…) — the official portals require you, the entity, to do it
  • Submitting that incident notification in the authority's portal — we prepare and time it; you click send
  • Actually operating your controls — switching on MFA, running your backups, your team showing up to training
  • Your management body's final sign-off — NIS2 makes this accountability personal and non-delegable

Why the split? These acts are legally bound to your organization: national authority portals have no public API and recognize only the entity itself. Reglyze never submits in your name — we prepare everything and keep you one click from done.

One platform, your national framework

Reglyze works in your country's own NIS2 framework — the assessment, the policies it drafts and the tabletop exercises all speak your regulator's language, not just the directive.

France
Native
ReCyF
ANSSI

Native assessment, AI-drafted documents and tabletop exercises.

Italy
Native
Misure ACN
ACN

Native assessment, AI-drafted documents and tabletop exercises.

Germany
Native
IT-Grundschutz
BSI

Native assessment, AI-drafted documents and tabletop exercises.

Belgium
Native
CyFun
CCB

Native assessment, AI-drafted documents and tabletop exercises.

Portugal
Native
QNRCS
CNCS

Native assessment, AI-drafted documents and tabletop exercises.

Spain
Native
ENS
CCN

Native assessment, AI-drafted documents and tabletop exercises.

Poland
Native
KSC
Ministerstwo Cyfryzacji

Native assessment, AI-drafted documents and tabletop exercises.

NIS2
Every other EU/EEA member state

Standard NIS2 — scoping, assessment, documents and incident reporting, ready today. When your country brings in its own rules, your work carries over: no restart from scratch.

Not a generic checklist with a flag on it. Reglyze is built on the framework your regulator actually audits against — which is why you can trust it with your national compliance.

On-premise, sovereignty

Reglyze, entirely on your own infrastructure

No data ever leaves your perimeter: the same engine, the same AI, your own key. Run the full platform inside your own data centre or private cloud.

From €12,000 for a perpetual licence, plus €3,000 per year for maintenance and support. Final pricing on quote, by scope.

NIS2 in Europe: where the market stands

57%

of organisations must comply across several countries at once

17.5%

say they are already compliant today

49.7%

of well-supported organisations are compliant, against 16% without solid support

Source: IDC, 'Preparing for NIS2 and Beyond', 2026.

Eat your own dogfood

Built on Reglyze

We manage Reglyze's own NIS2 compliance using Reglyze. Same platform, same scoring, same policies our customers use. Live data, refreshed hourly.

Compliance Score
59/100
NIS2 Controls
72

Article 21 measures

Policies
15

AI-generated

Suppliers
7

Risk-tracked

Proof

We use our own AI to be compliant

Reglyze is below the NIS2 SME threshold

Reglyze (the company) is a 5-person team. Article 2(1) of the NIS2 Directive uses the EU small-enterprise floor — under 50 staff and under €10M turnover — to bring entities into scope. We sit below it. We are not required to comply.

So why did we?

Our product claims AI makes NIS2 compliance fast and easy. The strongest validation is doing it ourselves, in the open, on the same plan our paying customers use. Every policy, score, and supplier entry on our /compliance page was produced inside Reglyze the product.

Phase 1, end to end

Wall-clock AI time across three days, sourced from our public timing log.

  1. ~12 min

    Day 1 — scoping + AI auto-scoping

    Scoping wizard plus AI inference of sector, applicable controls, and risk profile from public sources.

  2. ~30 min

    Days 2–3 — AI policy generation

    Fourteen Article 21 policies drafted by Claude Sonnet 4.6 against the real Reglyze operations. Each one editable in-product before approval.

  3. ~4 min

    Day 3 — scoring, training, supplier register

    Seventy-two NIS2 controls scored with an honesty filter, board-level training record issued, seven-vendor SaaS supplier register populated.

Total AI-assisted work

under 1 hour

Manual consultant baseline

80–120 hours

Read the redacted evidence base

Every artifact above lives at /compliance — redacted policies, training records, supplier register, and the quarterly self-audit score. Built in the product, version-controlled in the open.

If we did it in under 1 hour, so can you

If Reglyze can document its full Article 21 evidence base in under an hour of AI-assisted work, your SME can too. Start a free scoping in five minutes — no credit card needed.

Testimonials

What our customers say

Real feedback from organizations using Reglyze for NIS2 compliance.

Ho trovato Reglyze molto utile per gestire in modo ordinato le varie fasi della gestione documentale necessaria per la compliance a NIS2. Ho trovato il supporto molto pronto a rispondere.

S.F. DatiProtetti

For manufacturers

Make products with digital elements? The CRA applies to you too.

The EU Cyber Resilience Act makes manufacturers self-assess product conformity and ship an Annex VII technical file + EU Declaration of Conformity. Reglyze does it in plain language — most products self-certify under Module A.

For HR & people teams

Employ people in the EU? The Pay Transparency Directive now applies to you.

Since 7 June 2026, every employer must publish pay ranges, document objective pay-setting criteria, and report gender pay gaps (phased by headcount). Reglyze drafts your criteria, your pay-transparency policy and your gap method in plain language. You review and ratify.

Partner program

Work with a Reglyze partner — or become one

MSP, consultancy or integrator? Join the partner program and run NIS2 compliance across your whole client portfolio from one console. Are you an SME? Find a Reglyze partner to do it for you.

Plans for every stage of compliance

Start free and scale as your compliance needs grow. No hidden fees.

NIS2 compliance platform

1 organization
150+
€490per year

≈ €490 per organization

vs ~€30,000/yr to handle NIS2 in-house

Start free
How the per-organization price scales
Organizations€ / org / year
1–5€490
6–10€410
11–15€350
16–25€290
26–50€240
51+€190

Cyber Resilience Act (CRA)

For manufacturers of products with digital elements. The CRA is a separate product line with its own pricing, not included in the NIS2 plans above.

€199 one-time for one product's Module A dossier, or from €990/yr for an ongoing product line.

Free
For organizations exploring NIS2 applicability
€0forever
  • Scoping wizard
  • Full AI-guided assessment
  • Score and gaps on screen
  • 1 user
Most popular
Pro
The full compliance toolkit for one organization. Same features for every paid organization — no feature tiers.
€490 /year per organization
  • Everything in Free
  • Downloadable reports (PDF, Excel, auditor pack)
  • Unlimited documents
  • Advanced incident response
  • Supply chain management
  • Bundled NIS2 training (board, IT, staff)
  • AI-powered remediation
  • Up to 25 users
  • One organization
  • Priority support

Several organizations? The price scales down per organization — see the full curve.

See pricing
Enterprise
For groups operating across several countries: native compliance in every jurisdiction, all regulations, sales-led with a pilot
From €10,000/year
  • Native compliance in every country you operate
  • All three regulations: NIS2, CRA, Pay Transparency
  • A 30-day pilot before you commit
  • Dedicated account manager
  • SLA guarantees and priority support
  • Unlimited users and entities

Frequently asked questions about NIS2

Everything you need to know about the NIS2 directive and how Reglyze helps your organization comply.

What is NIS2 and does it apply to my company?
NIS2 (Network and Information Security Directive 2) is an EU cybersecurity directive that applies to medium and large organizations in critical sectors such as energy, transport, healthcare, digital infrastructure, and more. If your company has 50+ employees or over 10M EUR revenue and operates in an EU member state in a covered sector, NIS2 likely applies.
When does NIS2 compliance become mandatory?
EU member states were required to transpose NIS2 into national law by October 17, 2024. Most countries are now enforcing or finalizing their national implementations.
How does Reglyze help with NIS2 compliance?
Reglyze provides an AI-powered platform that covers the full NIS2 compliance lifecycle: scoping, gap assessment, document generation, incident management, and supply chain risk assessment. Designed for SMEs.