EU compliance tools,
handcrafted for your business

NIS2 (Network and Information Systems Directive 2) is an EU cybersecurity directive that required Member State transposition by October 2024. It applies to essential and important entities across sectors including IT, finance, healthcare, energy, and digital infrastructure. Companies with 50+ employees or €10M+ annual turnover in these sectors are generally covered. NIS2 requires organizations to implement cybersecurity risk management measures, including access control policies and threat intelligence monitoring — exactly what ShieldShed helps you achieve.

All ShieldShed service data is stored in the European Union, in Microsoft Azure's West Europe region (Netherlands). Payment processing (Stripe) and website analytics (Google Analytics) may involve data transfer to the United States under appropriate safeguards — Standard Contractual Clauses and the EU-US Data Privacy Framework respectively. For full details, see our Privacy Policy. Our infrastructure meets the data residency requirements of NIS2, DORA, and ISO 27001.

Yes. We offer a 30-day free trial for all shields. During the trial you get full access to threat detection, daily scans, and email alerts. Compliance reports, auditor certificates, and takedown templates become available with a paid subscription. You can cancel anytime from your account dashboard at no cost. If you don't cancel before the trial ends, your subscription will automatically convert to a paid plan.

Absolutely. ShieldShed is built specifically for organizations preparing for or maintaining ISO 27001 certification. DomainShield covers A.5.7 (Threat intelligence) and AccessShield covers A.5.18 (Access rights) and A.8.2 (Privileged access rights). Both products generate one-click PDF reports that map directly to these controls — ready to hand to your auditor.

DORA (Digital Operational Resilience Act) is an EU regulation for the financial sector that took effect in January 2025. Article 9 requires ICT risk management measures including access control and threat monitoring. DomainShield addresses Article 9's threat intelligence requirements, while AccessShield addresses the access management and audit trail requirements. Both generate reports with explicit DORA control mapping.

DomainShield generates thousands of domain permutations against your protected brand using six detection algorithms: typosquats (keyboard slips like shieldshde.com), homoglyphs (visually identical Cyrillic/Greek/Armenian characters with punycode resolution), combosquats (keyword injection like login-shieldshed.com), bitsquats (single-bit memory error variants), TLD swaps across 61 top-level domains, and Certificate Transparency log scanning for newly issued SSL certificates that contain your brand. Each candidate is scored on WHOIS age, DNS records, MX setup, and SSL configuration, then sent as a daily digest or real-time alert.

AccessShield is the most affordable Entra ID access review tool on the EU market at €3 per user per month (minimum €99/month). Microsoft Entra ID P2 with Governance costs roughly €22/user/month — for a 200-user company that's €4,400/month versus AccessShield's €600/month, an 80% saving. AccessShield focuses on the audit-relevant capabilities: daily group membership snapshots, 12-month historical trail, automated access review campaigns with token-based reviewer pages (no Entra login required for group owners), and one-click ISO 27001 / NIS2 / DORA compliance reports. No Entra P1 or P2 license required for reviewers.