Derkon

The auditor is coming. Do you have proof?

Let's be honest. Your incident response "playbook" is a 47-page Word document that:

📄 Lives in a SharePoint folder nobody remembers
🕸️ Was last updated in 2019
🤷 Gets ignored the moment something actually happens

And when the auditor asks "show me how you handled the incident", you piece together Slack messages, email threads, and that one screenshot someone maybe took.

Sound familiar?

The problem isn't your team. It's your tools.

When systems are down and phones are ringing, people don't follow 47-page documents.

They panic. They improvise. They forget to log.

Then, 3 months later, you're explaining to an auditor why you think you notified the authorities within 72 hours, but you're not entirely sure, and the evidence is somewhere.

Derkon makes incident response provable.

Not "we probably did it."

Not "I think Alice handled that."

Here's exactly what happened, when, by whom, with cryptographic proof.

What Derkon Actually Does

🎯 Playbooks people actually follow during chaos

Panic shrinks your brain. Literally. You get tunnel vision, forget obvious things, and make bad decisions.

Derkon's UI is designed for crisis mode:

One step at a time. Clear instructions.
Who does what. No confusion.
Live timer. No time distortion.
Can't skip evidence. Auditor-proof by design.

Your team doesn't think. They execute.

📋 Proof that makes auditors happy

Every action in Derkon creates an immutable audit trail:

What's logged	Why it matters
Who did what	Accountability
When exactly	Timeline reconstruction
What evidence	Compliance proof
What decisions	Justification
System state	Forensic integrity

Export a compliance package with one click:

Executive summary
Detailed timeline
Evidence with cryptographic hashes
Framework mapping (DORA ✓ NIS2 ✓ GDPR ✓ ISO 27001 ✓ NIST ✓)

Your auditor will ask where this tool has been all their life.

Since January 2025, DORA requires financial entities to:

Report major ICT incidents within 4 hours
Document incident handling end-to-end
Prove you followed your own procedures

NIS2 (October 2024) extends similar requirements to:

Essential and important entities across the EU
With penalties up to €10M or 2% of global turnover

Your Word document won't cut it. Your Confluence page definitely won't.

Derkon was built for this reality.

Deployment: Your Infrastructure, Your Rules

🏰 On-Premises First (Because Regulators Said So)

Let's talk about the elephant in the room: data sovereignty.

When you're handling incidents involving customer PII or financial transactions, the last thing you want is sending that data to someone else's cloud. Derkon runs in YOUR infrastructure.

View Technical Implementation & Compliance Details

Your concern	Our answer
Data residency	Deploy in your datacenter, your country
Air-gapped environments	Fully offline capable
Custom network policies	Your firewall rules, your way
Audit trail custody	Evidence never leaves your control
Compliance requirements	GDPR Art. 28? Check. NIS2 Art. 21? Check.

Some dragons guard their treasure in caves. Your cave. Not ours.

Technical Specs for SysAdmins:

Architecture: Distributed or Single-node Docker deployment.
Persistence: Managed PostgreSQL/MongoDB (Internal or External).
Isolation: Works behind VPN/Zero Trust without outbound internet access.
Updates: Pull-and-restart model via private registry.

☁️ Managed Cloud Option (For Those Who Trust Us)

Don't want to manage infrastructure? We get it.

Our EU-hosted SaaS option:

Frankfurt & Amsterdam datacenters (EU data residency)
SOC 2 Type II certified infrastructure
Encrypted at rest and in transit
Regular third-party audits
GDPR-compliant DPA included

But honestly? Most regulated entities choose on-premises. And we think that makes sense.

What Derkon is NOT

Let's save you some time:

If you want...	Derkon is NOT for you
A €100K enterprise platform with consultants	We're focused on the tool
6 months of implementation	Try it in 10 minutes
A tool only engineers understand	Your compliance officer can use it
Another SIEM/SOAR/XDR acronym soup	We do incident response. Period.
Cloud-only SaaS with no alternatives	See above. We're on-prem first.

Derkon is for teams who want to sleep at night, knowing that when (not if) something happens, they'll handle it properly AND prove it.

The Dragon Story

Why "Derkon"?

Δέρκων (Derkon) comes from ancient Greek derkomai — "to see clearly" or "to have a piercing gaze."

It's the origin of the word Dragon.

In mythology, dragons guard treasure with unblinking vigilance. They see everything. They forget nothing.

Your treasure is your data, your uptime, your reputation.

Derkon is the dragon that guards it.

And unlike mythical dragons, this one:

Runs on your servers
Doesn't hoard your data
Actually helps instead of eating villagers

(Also, let's be honest, every security tool is named something boring like "SecureFlow Pro 360". We wanted something cooler.)

How It Works

1. BUILD      →  Create playbooks visually (no PhD required)
                 Drag, drop, done.
                 Pre-built templates for DORA, NIS2, GDPR.

2. EXECUTE    →  When incidents happen, follow the steps
                 One click at a time. Evidence attached.
                 Timeline automatically reconstructed.

3. PROVE      →  Export everything for auditors
                 Timeline, evidence, framework mapping.
                 Cryptographic proof of integrity.
                 *chef's kiss*

Currently in Private Beta

We're working with a small group of companies who were tired of:

Audit panic
"Who did what?" mysteries
Tools that cost more than their annual security budget
Sending incident data to third-party clouds
Explaining to DPOs why sensitive data left the building

Want in?

Request Early Access →

Tell us:

Your company (or just say hi)
Your biggest incident response headache
On-premises or cloud? (No judgment either way)
Whether you've ever had an auditor make you sweat

We'll get back to you. Probably with questions about your current playbook situation and gentle judgment about that Word document.

FAQ (Frequently Anticipated Questions)

Q: Is this another SOAR tool?

A: SOAR tools are great if you have a dedicated team to configure them for 6 months. Derkon is for everyone else. We're focused, not bloated.

Q: We already have playbooks in Confluence.

A: Cool. When did someone last follow them during an actual incident? And did they log evidence? Derkon makes playbooks executable, not just readable.

Q: What about integrations?

A: Coming soon. But honestly? The biggest gap isn't integrations. It's proving you did what you said you'd do. We're solving that first.

Q: On-premises means we have to manage it, right?

A: Docker container. One command to run. Updates are pull-and-restart. We're not making you build Kubernetes clusters here. (Unless you want to. We won't stop you.)

Q: Can it run air-gapped?

A: Yes. Perfect for critical infrastructure, defense contractors, and the properly paranoid. The dragon works offline just fine.

Q: What about disaster recovery?

A: Your infrastructure, your DR strategy. We provide backup/restore tools. You decide where backups go. (Hint: probably not the same datacenter that just caught fire.)

Q: Is it secure?

A: We're building a security tool. If we got breached, we'd deserve every joke on Twitter. Yes, it's secure. Penetration tested. Details for the paranoid: ask us directly.

Q: Cloud option for non-regulated companies?

A: Absolutely. EU-hosted, GDPR-compliant, ready to go. But we lead with on-premises because that's what most of our users actually need.

Q: How much does it cost?

A: Less than your next audit finding. (Pricing coming soon. Private beta is... private. And free.)

Q: Why a dragon?

A: Why NOT a dragon?

One more thing.

Every company says "security is a priority."

Every company says "we take compliance seriously."

Few can prove either when it matters.

Be one of the few.

🐲

Derkon is currently in private beta. Built in Athens, tested in chaos.
On-premises by default. Cloud when it makes sense.
Inside the Dragon Cave on X

Contact →