Skip to content
NNSEC
Get in touch

Why NorthSec AI

Multi-cloud read-only connectors, OCSF normalization, and agentic SOC in one contract.

Platform overviewHow the platform works →Platform capabilities →
Full coverageAWSFull coverageMicrosoft AzureFull coverageGoogle CloudCore coverageOracle CloudCore coverageDigitalOceanFull coverageOn-Premises
StrategicSecurity Architecture & Risk AssessmentStrategicCompliance ReadinessOffensiveAutomated Pentesting & Vulnerability ScanningIntelThreat Intelligence & Predictive DefenseOperationsAutomated SOC & Noise ReductionNetworkIntelligent DNS Security LayerDefensiveDeception & Honeypot DeploymentIntelZero-Day & Anomaly DetectionStrategicExecutive Reporting & AI Risk Intelligence
Compare all tiers →Talk to a vCISO →
IndustryFintech & PaymentsIndustrySaaS & B2B SoftwareIndustryAI / ML CompaniesIndustryHealth Tech & HIPAAIndustryE-Commerce & Marketplaces

Case studies

Fintech SOC2 in 90 daysSaaS multi-cloud hardeningAI startup IR retainer
FrameworkSOC 2 Type IIFrameworkISO 27001:2022FrameworkGDPRFrameworkHIPAAFrameworkPCI DSS v4.0FrameworkNIS2
Free compliance readiness audit
ResourceBlogResourceThreat ResearchResourceCase StudiesResourceCompliance LibraryResourceNNSEC University

Latest brief

Credential spill wave

Public summary · M365 OAuth consent phishing.

Read briefing →
CompanyAboutCompanyPartnersCompanyCareersCompanyPressCompanyContactCompanyStatus

We're hiring

Remote-first · Coverage across MENA, EU, and US

View open roles

[ PLATFORM // ON-PREMISES ]

Security for on-premises.
Agents + tunnels.

nnsec-agent on Linux and Windows, log forwarders over TLS 1.3, optional WireGuard fallback — same dashboard as cloud without shipping data to hyperscaler tools.

Start onboarding View pricing

2k+

Agents

1.3

TLS

Opt

Air-gap

Full coverage
onprem://agent.nnsec/streamREAD-ONLY
SITE
TLS 1.3
SOC

nnsec-agent · 2.4k events/min

[ DOMAINS // COVERAGE ]

What we assess
in On-Premises.

Platform-native domains — not a generic cloud checklist pasted from another provider.

Endpoint agents

FIM, rootkit detection, inventory.

Log forwarding

Syslog, Windows Event, JSON pipelines.

Network

Segmentation validation, exposed services.

AD / LDAP

Privileged group changes, Kerberoasting signals.

VMware / KVM

Hypervisor hardening checklist.

OT adjacent

Passive taps where allowed — no active scanning.

Backup

Immutability and offline copy verification.

Physical

Access control evidence for ISO audits.

[ RUNBOOK // ONBOARDING ]

Onboarding preview
from checklist.

Steps align with NNSEC_Onboarding_Checklist — full runbook generates after discovery wizard.

  1. 01

    Architecture call

    Map sites, zones, and log sources.

  2. 02

    Install agent

    Signed agent bundle from your NNSEC onboarding workspace.

  3. 03

    Tunnel

    TLS ingestion endpoint or WireGuard profile.

  4. 04

    SIEM bridge

    Optional forward to existing SIEM + NorthSec AI.

  5. 05

    Playbooks

    On-prem IR runbooks customized per site.

  6. 06

    Offboard plan

    Knowledge transfer + access revocation checklist.

Complete discovery wizard
[ TOOLING // OSS ]

Tools we deploy
and integrate.

Open-source and native cloud APIs — no proprietary agent required unless noted for on-prem.

nnsec-agent
Syslog
Wazuh-compatible pipeline
WireGuard
OpenSearch dashboards

Connector · Log forwarder over TLS 1.3; WireGuard tunnel as fallback per architecture doc.

[ COMPLIANCE // MAP ]

Framework mapping
for On-Premises.

Evidence exports attach findings to auditor-friendly control IDs.

ISO A.12

Operations security

HIPAA

On-prem PHI systems

NIS2

Critical infrastructure

[ TIERS ]

Connector included by tier

foundation · $3,500
growth · $5,000
scale · $8,000
enterprise · $12,000

Customer story

Air-gap SOC online

Manufacturer streamed events without cloud egress to public internet.

Industrial

Other platforms

AWSMicrosoft AzureGoogle Cloud
All platforms

FAQ

Powered by Wazuh fork — source attribution provided with your signed agent bundle during onboarding.

Connect On-Premises to NorthSec AI

Full coverage · read-only · per-tenant KMS

Book technical scoping See SOC automation