NIS2-compatible ISO 27001 ready GDPR compliant

Organizational control.
Full transparency.

Lecnote unifies organizational knowledge, permissions and workflows on a single platform. Every access is controlled, every decision is traceable.

Book a demo Knowledge base

No-install SaaS · EU data center · On-premise option

EU NIS2 2022/2555 – Compliance support

NIS2 compliance
made simple.

Many of NIS2's technical requirements — access management, logging, access control — can be met quickly and with full documentation using Lecnote. Not magic, but a significantly smoother path.

+8

NIS2 control points supported

–85%

Less manual audit preparation

365

Days of log retention

NIS2 guide Request gap analysis
Zero Trust Architecture – Never trust, always verify

Every access
controlled.
Every step logged.

Zero Trust is not a product — it's a strategy. Lecnote provides the technological foundation on which your organization's secure digital operations are built.

Just-in-Time

Time-limited access

Least Privilege

Minimum privilege principle

Anomaly detection

Real-time alerts

Immutable Log

Tamper-proof audit trail

Book a demo Zero Trust article

500+

Organizations trust us

2M+

Logged events / day

99.99%

Uptime

NIS2 ✓

Audited compliance

Modular platform

Everything your organization needs –
in one system.

Lecnote modules are fully integrated with each other, but can also be deployed independently. Start with one area, expand as your organization grows.

Access Management

Access Management

Granular, role-based access control (RBAC). Per-user, per-group and per-system configuration to define who can access what – and when.

  • Role-based access (RBAC / ABAC)
  • Time-limited permissions
  • Least privilege enforcement
  • MFA and SSO integration
Workflow Management

Workflow Management

Every organizational process follows a defined approval path. Responsible approvers and executors are automatically notified, and status is always up to date.

  • Visual workflow designer
  • Parallel / sequential approvals
  • SLA-based deadline monitoring
  • Automatic delegation and escalation
Audit & Analytics

Audit & Analytics

Every event is automatically recorded in tamper-proof logs. Full traceability, real-time reports and anomaly detection.

  • Immutable audit logging
  • Full-text search & export
  • Suspicious behavior alerts
  • Compliance report generation
LMS Integration

LMS & Moodle Integration

Automatic two-way connection with Moodle and other LMS platforms. Course completions, certificates and permissions sync automatically – without any manual intervention.

  • Moodle, Totara, TalentLMS, Canvas
  • Auto-permissions after course completion
  • Certificate expiry tracking
  • SCORM / xAPI / LTI support
Access Control

Access Control & Parking

Physical access control and parking system integration or fresh installation. See who entered where and when – linked directly to digital access management.

  • Existing system integration (API)
  • Own hardware installation available
  • Parking management, license plate ID
  • Movement log & zone permissions
Lecnote Pro

Lecnote Pro

Enterprise-grade features: dedicated tenant, on-premise deployment, custom SLA, dedicated security advisor and priority incident handling.

  • Own server / private cloud
  • Custom integration development
  • Dedicated security engineer
  • 4-hour SLA guarantee
Request Pro quote
Approval workflows

Every decision leaves a trace.
Every process is controlled.

Lecnote's workflow engine ensures that no permission change, system access or critical configuration can happen without authorized approval. No "manually set" — only audited processes.

1

Request submission

The user or system submits the access or change request. The system automatically identifies the affected resources and required approvers.

2

Automatic risk assessment

The system classifies the request (low / medium / critical) based on organizational policies and sets the appropriate approval levels accordingly.

3

Approver notification & decision

Relevant approvers receive email, push or in-app notifications. They can approve or reject with one click — with reasoning logged immutably.

4

Execution & logging

The approved change is automatically executed (or delegated to the executor), and every step is recorded in tamper-proof logs.

Closure & auditability

The process closes and the full history remains accessible. Any external auditor or internal compliance team can retrieve and export it.

WF-2024-1183

Elevated privilege request

Pending approval

Requester

Thomas Nagy

Development team

Requested resource

prod-db-01

Critical system

Duration

4 hours

Expiry: auto-revoke

Risk classification

HIGH

2-level approval required

Justification

Read access to production needed to investigate a query performance issue in the live environment. Ticket: INC-4421.

Approval chain

Direct manager approval

Peter Kovacs · 14:22

Approved

IT Security Manager

Eva Szabo · Waiting…

Pending

CISO final approval

Auto if level 2 approves

Waiting
Full control

Digital and physical access –
controlled from one system.

Lecnote doesn't just manage software permissions. It connects your learning management systems, physical access controls and time tracking — giving you a unified picture of your organization.

LMS synchronization – automatic event log ● LIVE
09:12:04 [LMS.COMPLETE] t.nagy · "Fire Safety Training 2026" · 100% · Certificate issued
09:12:05 [PERM.AUTO] t.nagy · "Warehouse Zone B" access activated (LMS-trigger)
09:45:18 [CERT.EXPIRE] p.kovacs · "Data Protection Training" expires in 14 days · Reminder sent
10:03:31 [LMS.SYNC] Moodle sync · 47 users · 3 new completions · 1 expiry
10:15:00 [PERM.REVOKE] g.horvath · "Lab Area" access revoked · Certificate expired
Moodle Totara TalentLMS Canvas iSpring + custom LMS API
LMS & e-learning integration

Moodle and any LMS platform
automatically synchronized.

When a team member completes required training, Lecnote knows instantly — and automatically activates the appropriate resource access. When a certificate expires, access is revoked. All without any human intervention.

Automatic permission assignment

Course completion immediately activates pre-configured access rights.

Certificate expiry management

Automatic reminders and access revocation when certifications expire.

Open API – works with any LMS

SCORM, xAPI, LTI standards and REST API — if you have an LMS, it can be connected.

Physical access control & parking

We integrate your existing access control hardware, or install our own. See who entered which location and when — all linked to digital access management. One person, one profile, every movement logged.

Zone and building-level permissions

Who can enter the server room, lab or office?

Parking management

License plate recognition, booking and logging.

Movement log & occupancy reports

Who was where and when — searchable and exportable.

Compatible with: Hikvision, ZKTeco, AXIS, Bosch, Suprema and custom hardware

Time tracking & workforce scheduling

Complete time management: attendance logs, shift planning, holiday and absence management. Attendance is generated automatically from access control data — no manual clocking, no paper forms.

Shift planning & scheduling

Visual calendar, rotating shifts, holiday management.

Automatic attendance log

Entry/exit times from access control feed directly into work records.

Payroll export

Monthly summaries, overtime calculation, SAP/HRIS export.

Details & demo request
audit.log — real-time stream
2026-04-15 14:32:01 [AUTH.SUCCESS] t.nagy@company.com · login · IP: 10.1.4.22 · MFA: TOTP
2026-04-15 14:31:17 [PERM.CHANGE] hr-system:read granted → j.smith · approver: p.kovacs
2026-04-15 14:28:44 [ACCESS.DENY] finance.prod:admin · attempt: anon.user · Unauthorized · Alert sent
2026-04-15 14:25:09 [WORKFLOW.OK] WF-2024-1181 closed · VPN cert issued → e.szabo
2026-04-15 14:18:30 [CERT.EXPIRE] TLS cert expires in 14 days · domain: internal.api · Notified: it@company.com
2026-04-15 14:15:02 [DATA.EXPORT] Report export · user: j.white · format: PDF · NIS2 audit
2026-04-15 14:02:11 [ANOMALY] Unusual login location · user: g.horvath · Country: RO · MFA enforced
2026-04-15 13:58:44 [POLICY.OK] Mandatory password change · 47/47 users completed · Compliance: 100%
● Live stream · 2M+ events/day · 365-day retention
Tamper-proof audit

Every event recorded.
Immutably.

Lecnote's logging system is built so that nobody — not even an administrator — can modify or delete recorded events after the fact. This is the foundation of legal compliance and incident handling alike.

Immutable log storage

Logs are stored on write-once storage. A cryptographic hash chain ensures integrity — any tampering is immediately detectable.

Real-time search & filtering

Any event can be retrieved in seconds by user, timestamp, event type or affected system — across up to one year of history.

Anomaly detection & alerting

The system automatically flags unusual behavioral patterns: suspicious login locations, bulk permission requests, off-hours access attempts.

Compliance report export

Pre-built report templates for NIS2, ISO 27001, GDPR and internal audits. PDF and CSV export, with optional scheduled email delivery.

Regulatory compliance

Lecnote's logging, access management and audit features help meet the most important compliance requirements.

NIS2 8+ control points ISO 27001 A.9 / A.12 / A.16 GDPR privacy by design
Pricing

A tailored quote
for every organization.

We don't believe in one-size-fits-all pricing. Request a custom quote — together we'll find the right solution and terms for your organization.

Starter

Custom quote

Smaller organizations · flexible terms

  • Access management (RBAC)
  • Workflow management
  • Audit log (90 days)
  • AD/LDAP synchronization
  • Email & web support
  • LMS integration
  • Physical access control
  • Time tracking
Request a quote
Most popular

Pro

Custom quote

Mid-size & larger organizations · on-premise option

  • All Starter features
  • LMS / Moodle integration
  • Physical access control integration
  • Time tracking & scheduling
  • Audit log (365 days)
  • REST API + Webhooks
  • Priority phone support
  • On-premise / own server
Request a quote

Enterprise

Custom quote

Large enterprise · multi-site · on-premise

  • All Pro features
  • Own server / private cloud
  • Custom hardware installation
  • Parking system deployment
  • Custom integration development
  • Dedicated security engineer
  • 4-hour SLA guarantee
  • Annual audit consulting
Request a quote

Social solidarity

Discounted pricing for educational and cultural institutions.

We believe that secure digital operations are not a luxury, but a right. That's why we offer discounted pricing for schools, universities, libraries, museums and non-profit cultural organizations — because their knowledge and work is a value for all of society. Contact us to request an institutional quote.

Request institutional quote

Custom pricing & Partners

We'll find the best solution for your organization.

Not every organization fits into a box. If you have special requirements — multi-site deployment, reseller partnership, public sector framework agreements or unique hardware integration — contact our partners directly for a tailored quote. We'll design the solution that fits you.

Request custom quote Request a callback

All prices exclude VAT. Request a detailed, personalized quote.

Knowledge base & Blog

Security knowledge
you can put to use.

View all articles
Strategy

Why use a centralized management platform?

Fragmented systems are not just an efficiency problem — they carry serious security risks. A central platform solves this.

8 min read
NIS2 & Compliance

NIS2 compliance: how an access management system helps

The EU NIS2 directive sets specific technical requirements. We walk through what needs to be met and how.

11 min read
Cybersecurity

Cybersecurity strategy: the platform's role in Zero Trust

Zero Trust's core principle: "never trust, always verify." How does a central platform implement this?

9 min read
Access Management

Access management best practices — what every CISO needs to know

Over-privileged accounts are one of the most common internal security risks. A step-by-step guide to protection.

10 min read
Personal demo

See Lecnote
in action.

In a 45-minute, no-obligation online session we show you exactly how Lecnote fits into your organization's existing infrastructure.

Live system demo

We configure and show the platform based on your own organizational structure.

NIS2 gap analysis

A short questionnaire helps us identify compliance gaps and show how Lecnote closes them.

With a certified security expert

A Lecnote-certified security advisor joins the demo to answer all your questions.

45-minute online meeting
No commitment required
Within 3 business days

Book a demo session

Your data is used solely to schedule the demo. GDPR-compliant data handling.