One risky vendor is all it takes to fail a NIS2 audit.

You type a domain. We email the report: a verified 0 to 10 risk score and an audit-ready NIS2 document, checked by an analyst, within 24 hours. €49, no account.

Not an automated scan: verified by an analyst No account Money-back guarantee

More vendors? Add up to 20 at checkout.

See a sample report
fornitore-erp.it
7.4 HIGH

2 HIGH findings · SSL: B · 2 known breaches · SPF missing

NIS2 Art. 21(2)(d): gap detected

NIS2 Art. 21

Evidence you can hand to your auditor

ACN Det. 127437

Your supplier map, one report at a time

🇪🇺 EU-hosted

Data stays in Europe, GDPR by design

The request has arrived. The documentation hasn't.

vendors_FINAL_v3(2).xlsx
Vendor Owner Security info
1 erp-supplier.com IT dept ?
2 cloudhost.io Marco n/a
3 logistica-spa.it Sara questionnaire sent
4 pay-gateway.net ? no reply
The auditor asks. This is what you have.
VendoReport NIS2 · Art. 21
  • erp-supplier.com port 3306 exposed 7.4 HIGH
  • cloudhost.io SPF missing · SSL: B 4.8 MEDIUM
  • logistica-spa.it no critical findings 2.1 LOW
  • pay-gateway.net 2 breaches · TLS 1.0 9.2 CRITICAL
The same vendors, 24 hours later, analyst-verified. Forward it as-is.

Does one of these moments sound familiar?

NIS2 authority letter received Enterprise customer request Cyber insurance renewal New vendor to assess

One minute today. An audit-ready report tomorrow.

  1. 1

    Today 14:02

    erp-supplier.com

    + paste up to 19 more

    Enter the domains

    One vendor or up to 20. No account, no questionnaire. 30 seconds.

  2. 2

    Today 14:03

    VendoReport · Pack 5 €49
    •••• 4242 Paid
    invoice_0084.pdf

    Pay securely

    Card or Apple Pay via Stripe. Automatic invoice.

  3. 3

    Tomorrow 09:58

    VendoReport

    Vendor Risk Report · erp-supplier.com

    erp-supplier.com.pdf 7.4 HIGH

    Receive the reports

    Audit-ready PDFs in your inbox within 24 hours, analyst-verified before sending.

Get the report for €49

Report by email within 24 hours No account

What you get, page by page.

VendoReport 01

Executive summary

The score and the 3 things to know. Readable by your CEO.

VendoReport 02

Technical findings

Every finding: evidence, meaning, and the action to request from your vendor.

VendoReport 03

NIS2 mapping

Every gap mapped to NIS2 Art. 21 and Reg. (EU) 2024/2690 Annex 5, in the words your auditor uses.

VendoReport 04

Remediation

The request list, ready to forward to your vendor.

VendoReport 05

Methodology & scope

Severity scale, data sources, and the limitations an auditor will check.

See the full sample report →

The same format you will forward to auditors, clients and insurers. Prints clean in black and white.

It speaks the language of whoever is asking.

Art. 21(2)(d)

Supply-chain security

The report documents the vendor assessment the directive requires.

Art. 21(2)(f)

Effectiveness assessment

A score and a repeatable methodology, not opinions.

ACN Det. 127437

Supplier mapping

Each report is one tile of the map the Italian authority expects.

NIS2 full compliance: October 2026

Vendor risk is already part of the obligation. The evidence takes time to build: start with one vendor now.

How many vendors do you need to document?

An equivalent assessment from a consulting firm: from €1,500. Enterprise tools: from €20,000/year.

Pack 5 Most popular

€49 one-time

Up to 5 vendors

For the request already sitting in your inbox.

Email delivery 24h

Get the report for €49

Pack 10

€99 one-time

Up to 10 vendors

Comparable scores across your whole vendor list.

Email delivery 48h

Document up to 10

Pack 20

€199 one-time

Up to 20 vendors

The full supplier map the regulator expects.

Email delivery 48h

Document your supply chain
One report per vendor Analyst-verified before sending Audit-ready PDF, ready to forward

14-day money-back guarantee. Invoice included.

October is not the finish line. Scores change: keep your supplier map current automatically.

Starter

€99 /month

Up to 5 vendors

  • Monthly automated rescan
  • Email alerts on score changes
  • Monthly PDF report

Business

€199 /month

Up to 20 vendors

  • Weekly automated rescan
  • Vendor hub + NIS2 mapping
  • Audit-ready monthly report

Professional

€499 /month

Consultants & MSPs

  • Unlimited vendors
  • Multi-client workspaces
  • White-label reports

Frequently asked questions

Is it legal to scan a vendor without their permission?

Yes. We only analyse information publicly exposed on the internet (visible ports, certificates, DNS, known breaches). No system access, no intrusive testing.

Is this a penetration test?

No. It is a non-intrusive external analysis: the same visibility an attacker would have, without touching anything.

Why 24 hours and not instantly?

Every report is verified by an analyst before sending: no false positives to explain to your auditor.

What if the vendor comes back clean?

That is the best outcome: the report documents the assessment, exactly what NIS2 asks you to demonstrate.

Do I need to create an account?

No. Enter the domains, pay, receive the reports by email.

What happens to my email address?

We use it only to send your reports and invoice. No newsletters, no marketing lists. Write to us and we delete it.

Can I forward the report?

Yes, it is built for that: a PDF formatted for auditors, clients and insurers.

What if it isn't useful to me?

Full refund within 14 days, no questions asked.

Your vendor already has a risk score. You just don't know it yet.

The evidence the ACN expects takes time to build. The first piece can be in your inbox tomorrow morning.

Get the report for €49

Report within 24 hours No account Money-back guarantee

Then keep it current automatically, from €99/month →

Get the report for €49