CyberScan
Automated vulnerability assessment and pentesting. Continuous asset discovery, AI risk prioritisation, built-in NIS2 compliance manager.
Discover CyberScan →
DataGovern
Integrated compliance platform for GDPR + NIS2 + EU AI Act. Cross-Regulation Gap analysis, board-ready dashboard, fully on-premise.
Discover DataGovern →
Cyber Security
CISO-as-a-service consulting: posture definition, remediation roadmap, ongoing support.
Discover →The announcement
noze announces the launch of CyberScan, a cloud platform for vulnerability assessment, automated pentesting and NIS2 compliance designed specifically for Italian SMEs. CyberScan is available from today, 1 April 2026, in early access by invitation and on request.
Why CyberScan
The NIS2 Directive, transposed in Italy through Legislative Decree 138/2024, extends cybersecurity obligations to thousands of organisations that were previously not subject to stringent requirements. SMEs operating in essential or important sectors — manufacturing, transport, healthcare, digital services, food — must adopt adequate technical and organisational measures or face fines of up to EUR 10 million or 2% of global turnover.
Yet the majority of Italian SMEs lack an in-house security team, nor the budget to engage external red teams with the frequency the regulation demands. CyberScan closes this gap by offering continuous vulnerability assessment, automated pentesting and a built-in compliance manager at an affordable price — starting from €99/month.
What CyberScan offers
- Continuous Vulnerability Assessment: network, web app and API scanning with a real-time CVE database.
- Automated Pentesting: network, web and API penetration tests without hiring a red team.
- Social Engineering: simulated phishing campaigns, awareness training, per-employee scoring.
- AI Risk Prioritisation: automatic vulnerability triage based on real business impact, not just CVSS scores.
- NIS2 / ISO 27001 ready: reports and checklists aligned to compliance frameworks, ready for the board and auditors.
- Real-time Dashboard: one console for CISO, IT manager and management.
Access: invitation and request, then verified registration
CyberScan follows a gradual release model designed to ensure service quality and platform security:
Phase 1 — Early access (from today): the platform is available by direct invitation and on request through the contact form on noze.it. Early users get full access to all features and contribute to product refinement with direct feedback.
Phase 2 — Verified registration (expected in the coming months): CyberScan will open to public registration with a two-level verification process:
- Email validation: user email address verified via confirmation link.
- Target domain validation: before any scan can be launched, the user must prove control over the domain they intend to scan — via DNS record or verification file, similar to Google Search Console or SSL certificate validation.
These mechanisms are necessary because CyberScan is an offensive security tool: vulnerability scans and automated pentests must only be performed on infrastructure the user legitimately controls. Domain validation ensures that no one can launch scans against someone else’s assets.
Infrastructure and data
CyberScan runs on cloud infrastructure with data resident in the European Union. The platform is designed to meet the data residency requirements of NIS2 and GDPR, with end-to-end encryption and per-tenant environment segregation.
How to request access
To request early access to CyberScan, simply fill in the contact form on noze.it selecting CyberScan as the product, or write directly to info@noze.it. The team responds within 24 business hours.