Use cases

NIS2 compliance, put to work.

What NIS2-bound teams get with Alexus today, and the AI Agent coming in Phase 2.

Available today · NIS2

What you get with Alexus

Five things NIS2-bound teams can do today, turning the IT operations you already run into Article 21, 23 and 20 evidence.

NIS2 Use Case 01

Prove Article 21 readiness on demand

Walk into any audit with a live score, not a quarter of scramble.

A continuous readiness score across all 10 NIS2 Article 21 measures, each with a per-control evidence trail you can drill into.

  • All 10 measures, continuously scored
  • Per-control evidence trail
  • Gaps surfaced before the auditor finds them
Live · Article 21 readiness8 / 10 ready
Risk analysis & policies
Incident handling
Business continuity
Supply-chain security
Secure development
Effectiveness review
Cyber hygiene & training
Cryptography
Access control & assets
MFA & secure comms
Overall
80%

per-control evidence trail · updated 2m ago

NIS2 Use Case 02

File Article 23 reports inside the deadline

Hit the 24-hour and 72-hour windows, every time.

Early-warning and full-report templates assembled from your live operational graph, in your national CSIRT's accepted format.

  • 24-hour early-warning template
  • 72-hour full report
  • Aligned to national CSIRT formats
Article 23 · CSIRT reportingnational CSIRT format
Significant incident detected09:42

auto-classified from telemetry

Early-warning filedT + 24h

to national CSIRT

Full incident report filedT + 72h

scope pulled from live CMDB

Final reportT + 1 month

draft assembled, awaiting sign-off

NIS2 Use Case 03

Answer “what happened?” with a query

Regulator and auditor questions become a database query.

Every change (actor, source, timestamp) logged, hash-chained and replayable. The incident timeline is always reconstructable.

  • Actor · source · timestamp on every change
  • Hash-chained & replayable
  • Reports as a query, not a project
Live · operational audit trail
09:42:01datadogsignal.received0x9f3a…c1
09:42:03systemincident.opened0x1b7c…4e
09:43:18sarah@change.approved0x4e22…a7
09:43:25systemrollback.executed0x8d51…f0
09:45:02systemincident.resolved0x2a9e…bb

signed · hash-chained · replayable

NIS2 Use Case 04

Hand the board defensible evidence

Article 20 due-diligence the board can show a regulator.

An audit-grade quarterly Executive Accountability Pack for the board, CISO and D&O insurer, defensible under NIS2 personal-liability rules.

  • Board & regulator ready
  • D&O / cyber-insurance underwriting
  • Personal-liability defensibility
Executive Accountability PackQ2 2026
Article 21 readiness8 / 10 measures
Incidents (quarter)3 · all reported in-window
Controls evidenced142 · hash-chained
Sign-offCISO · 30 Jun 2026
For:BoardRegulatorD&O insurer

Article 20 due-diligence · audit-grade

NIS2 Use Case 05

Map and manage supply-chain risk

Supply-chain exposure mapped, not assumed.

A live dependency graph covering third-party integrations, so supplier risk (Article 21's supply-chain measure) is visible and its blast radius known.

  • Third-party dependencies mapped
  • Blast radius visible on day one
  • Risk you can put in a contract
Supply-chain exposureArticle 21(d)
Your estate
Payments APIlow risk
Cloud IaaSlow risk
Auth / SSOmed risk
Logging SaaShigh risk
Logging SaaS incident → blast radius: 3 services mapped
AI Agent · Phase 2 (coming soon)

The AI Agent in action

Five high-impact patterns the Alexus AI Agent adds in Phase 2, all feeding the same NIS2 evidence trail.

Alexus · Operational evidence for NIS2
What's next

See it in action

Watch Alexus run through these scenarios live.