FortisEU — Turn 84+ frameworks into board-level confidence.
One sovereign platform.
Compliance management, vendor risk, asset registry, AI guidance across 84+ frameworks. EU sovereignty. EU-hosted by default. Ask about self-hosted and air-gapped deployment for strict sovereignty requirements.
Compliance Management
Map once across key frameworks.
Map one control across NIS2, DORA, ISO 27001, SOC 2, and GDPR. Track evidence and gaps once, then reuse across overlapping requirements.
- Pre-built framework templates (NIS2, DORA, ISO 27001, SOC2)
- Cross-framework mapping to reduce duplicate work
- Gap analysis and remediation tracking
- Evidence management with audit trails
- Compliance score dashboards
- PDF report generation for auditors
Third-Party Risk Management
Know your supply chain risk before your auditor asks.
Automate your vendor due diligence with intelligent questionnaires, automated security scanning, and continuous monitoring. Know your supply chain risk at a glance.
- Automated vendor security scanning (DNS, SSL, headers)
- Risk-tiered assessment workflows
- Customizable questionnaire templates
- Vendor portal for self-service assessments
- Continuous monitoring and alerts
- Contract and SLA tracking
ASK
Ask a regulation question. Get guidance.
Ask questions about regulations or how to use FortisEU in natural language. Built with EU-sovereign AI. ASK helps you navigate requirements and map next steps to your program.
- Natural language compliance queries
- Guidance across key regulatory sources
- Context-aware next steps and drafts
- ASK does not train on your tenant data.
Asset Registry
Every asset. Every dependency. Every owner. Mapped.
Maintain a complete inventory of your IT assets, map them to business processes, and understand dependencies. Essential for NIS2 Article 21 compliance.
- Hardware, software, and cloud asset tracking
- Business process mapping
- Criticality classification
- Owner assignment and accountability
- Integration with discovery tools
- Dependency visualization
Fortis Monolith
EU-sovereign endpoint compliance. No MDM required.
Collect device security evidence automatically from macOS, Windows, and Linux endpoints. Same-database sync, RLS-isolated, deployed on Scaleway France. No third-party SaaS dependency.
- Disk encryption verification (FileVault, BitLocker, LUKS)
- Firewall and antivirus status monitoring
- OS patch compliance tracking
- Software inventory with vulnerability detection
- Custom osquery policy compliance (Premium)
- Same-database sync — no HTTP round-trips, no data leaves the EU
Built for enterprise. Priced for growth.
RBAC & Multi-Tenancy
Role-based access and tenant isolation. Tenant isolation is enforced with Row Level Security.
Audit Logging
Immutable audit trails for every action. Meet regulatory requirements for evidence and accountability.
Executive Dashboards
Board-ready views of posture, gaps, and vendor risk trends.
Docker Deployment
Docker deployment package with documented setup steps for self-hosted environments.
Vendor Portal
Vendor portal workflows to collect assessments and security questionnaires.
API & Integrations
Versioned REST API for key resources plus an integration catalog for evidence collection and workflows.
See it yourself. No sales pitch required.
Create account, launch a live demo, or talk to our team about procurement and enterprise deployment.