Unified Vessel Command & Compliance

The Operating System
of Your Vessel

NCoDE Command connects to your onboard systems - legacy and modern - and brings their data into one unified, secure, customisable interface.

No more spreadsheet compliance. No more audit surprises. NCoDE Command handles incident reporting, patch management, training tracking, and backup verification β€” so your crew can focus on running the ship while shore manages compliance.

Request a Demo See What Changes

Regulatory Enforcement Is Here

USCG 33 CFR 101 Subpart F Enforcement began July 2025 - cyber security compliance now mandatory for US-calling vessels
EU NIS2 Directive Transposed October 2024 - maritime operators classified as essential entities
IMO MSC-FAL.1/Circ.3 In effect since January 2024 - cyber risk management required in Safety Management Systems
Classification Societies Increasing cyber notation requirements from Lloyd's, Bureau Veritas, RINA, and others

Maritime cyber attacks increased 103% in 2025. GPS spoofing now affects 40,000+ vessels daily. Ransomware has shut ports for days. The average attack costs $550,000 - and most vessel operators' insurance doesn't cover it.

See real incidents →
REGULATORY COMPLIANCE

Built for the USCG 33 CFR 101 Cybersecurity Rule

The USCG cybersecurity rule took effect July 2025. Cybersecurity plans must be submitted by July 2027. NCoDE Command maps every requirement β€” from CySO designation to incident reporting β€” into guided workflows with audit-ready evidence.

πŸ‡ΊπŸ‡Έ

USCG 33 CFR 101

15 requirements mapped. CySO tracking, cybersecurity plans, NRC reporting with 30-day follow-up, drill scheduling, and technical control evidence.

πŸ‡ͺπŸ‡Ί

EU NIS2 Directive

Three-stage CSIRT reporting β€” 24-hour early warning, 72-hour detailed notification, 30-day final report. All 10 Article 21 measures tracked.

🌍

IMO MSC-FAL.1/Circ.3

NIST framework for maritime. SMS chain reporting β€” Captain to DPA to Company. ISM Code integration and flag state notification.

Powered By

NCoDE™ Engine MX100

NCoDE Command runs on the MX100 - our high-performance onboard platform built for the processing demands of real-time compliance, multi-framework governance, and enterprise vessel operations. The MX100 collects data from your marine systems (NMEA 2000, Modbus, J1939), processes it in real time, and delivers it to Command for visualisation and management.

Learn about the Engine →
See It In Action

One Platform. Complete Visibility.

NCoDE Command brings together operations, compliance, and security into a unified command interface. Here's what it looks like in practice.

NCoDE Command - Operations Dashboard with CCTV, gauges, map, and network stats

Operations Dashboard

Live CCTV feeds, marine gauges, interactive charts with weather overlays, sensor data grid, battery monitoring, and network status - all in one customisable dashboard.

CCTV Marine Gauges Charts Network Battery
NCoDE Command - Maritime Cyber Compliance Dashboard

Cyber Compliance & Governance

Multi-framework compliance tracking for USCG, NIS2, and IMO requirements. Vendor tracker, risk register, and controls implementation - with real-time compliance scoring.

USCG 33 CFR 101 EU NIS2 IMO MSC-FAL.1 Vendor Tracker
NCoDE Command - Document Vault, Risk Register, and Change Management

Risk, Documents & Change Management

Document vault for cybersecurity policies and procedures, risk register with severity tracking, and change management with approval workflows - all audit-ready.

Document Vault Risk Register Change Mgmt
The Challenge

Vessels Are More Connected Than Ever. Compliance Hasn't Kept Up.

Modern vessels run dozens of systems - navigation, propulsion, HVAC, security cameras, network equipment - but operators still manage compliance with spreadsheets, paper checklists, and disconnected tools.

🗒 Fragmented Systems

Data lives in silos. The bridge has one view, the engine room another, shore management a third. Nobody has the complete picture.

  • Navigation data separate from engine monitoring
  • Security cameras disconnected from the command station
  • Network status invisible to operations
  • No unified audit trail across systems

📋 Manual Compliance

When the inspector arrives, you're scrambling through folders, emails, and spreadsheets to prove compliance. It doesn't have to be this way.

  • Paper-based cybersecurity plans
  • No central risk register
  • Vendor access untracked
  • Incident response is ad-hoc

🔒 Access Control Gaps

Shared passwords, no audit logs, and unclear permissions make it impossible to prove who did what and when - exactly what regulators now require.

📈 No Visibility

Shore-side management can't see vessel status in real time. When something goes wrong, you find out late - or not at all.

What NCoDE Command Does

One Interface. Every System. Complete Governance.

NCoDE Command integrates with your existing vessel systems and presents their data through a single, secure command interface. It's not a replacement - it's the layer that connects everything.

Unifies Vessel Data

Navigation, engines, tanks, batteries, environmental sensors, and more - all displayed in real-time dashboards you can customise for any role.

🎥

Integrates CCTV & Security

Live video streams from onboard cameras with 72-hour DVR recording. See what's happening on deck, in the engine room, or at the gangway.

🔒

Manages Access Control

Enterprise-grade user authentication with roles, permissions, and certifications. Every login, every action - logged and auditable.

🛡

Monitors Cyber Security

Integrated vulnerability scanning, security alerts, and patch status for every networked device aboard. Know your exposure before the inspector does.

📄

Tracks Compliance

Multi-framework compliance tracking for USCG, IMO, NIS2, SOLAS, ISM, and more. Every control mapped. Every evidence item captured.

📡

Manages Network & Connectivity

Monitor every WAN link - VSAT, LTE, satellite - with bandwidth usage, signal strength, and device tracking in one view.

9 Regulatory Frameworks
100+ Sensor Types
10 Compliance Modules
25+ Dashboard Widgets
The Transformation

What Changes When You Deploy NCoDE?

The shift from fragmented, manual processes to integrated, audit-ready operations. This is what inspectors expect - and what operators deserve.

Challenge Without NCoDE With NCoDE
Cyber compliance Spreadsheets and paper checklists with no framework tracking Multi-framework compliance tracker with control-level evidence
Vulnerability management Manual PC audits with no centralised visibility Automated vulnerability scanning across all shipboard systems
Access control Shared passwords, manual logs, no audit trail Role-based access with complete authentication audit trail
Incident response Paper-based plans, no structured workflow Guided workflow with severity classification and NRC reporting
Vendor security Email-based assessments, no tracking Vendor database with remote access logging and DPA tracking
Document control File shares with no version control or expiry tracking Document Vault with versioning, expiry alerts, and access logs
Risk assessment Static spreadsheet that nobody updates Dynamic risk matrix with mitigation tracking and ownership
Change management Informal approval via email or conversation Change Control Board: request, review, approve, implement
Audit readiness Scrambling to gather evidence when the inspector arrives Complete digital audit trail ready for inspection at any time
Patch management No visibility into patch status across shipboard systems Full lifecycle tracking: open → scheduled → applied → verified. Deferred patches auto-create risk entries
Backup verification Assume backups work — no verification until disaster strikes Schedule tracking with RPO/RTO targets, restore testing records, and overdue detection alerts
Training compliance Spreadsheet of crew certificates with manual expiry checks LDAP-integrated training matrix with 30/60/90-day expiry warnings and per-role compliance percentage
Regulatory reporting Manual forms filled under pressure, missed deadlines Dedicated panels for USCG NRC, NIS2 Article 23 (three-stage), and IMO SMS chain with automated deadline tracking
Dual Perspective

Designed for Both Sides of the Gangway

NCoDE Command serves the crew on board and the compliance team ashore. The same data, the same platform — different views for different responsibilities.

On Board — Crew Operations

  • ✓ Guided decision tree walks non-technical crew through incident assessment
  • ✓ Plain-language prompts with visual severity indicators
  • ✓ Departure, arrival, and weekly cyber security checklists
  • ✓ Real-time operational dashboards — engines, tanks, navigation
  • ✓ Local LDAP authentication — works offline with no shore connectivity
  • ✓ Evidence collection and containment procedures built into every workflow
🏢

Ashore — Compliance Management

  • ✓ Full visibility into vessel compliance status from any browser
  • ✓ Submit NRC, NIS2, and IMO reports on behalf of the vessel
  • ✓ Approve or reject change requests and patches remotely
  • ✓ Monitor Wazuh endpoint security across all vessel systems
  • ✓ Vendor management, access log review, and DPA tracking
  • ✓ Training certificate oversight — let the crew run the ship
Incident Workflow

From Detection to Regulatory Submission

One incident. Multiple frameworks. Automated deadlines. NCoDE manages the entire lifecycle so nothing falls through the cracks.

1

Detect & Classify

Expanded decision tree covers ransomware, DDoS, supply chain, insider threats, and GPS spoofing. System recommends workflows automatically.

2

Auto-Generate

System creates structured incident descriptions, impact assessments, and containment steps. Detects safety-critical system involvement automatically.

3

Activate Deadlines

Select frameworks and the system auto-creates every deadline: USCG NRC immediate + 30-day, NIS2 24h/72h/30d, IMO SMS + flag state.

4

Submit Reports

Dedicated panels: NRC form, NIS2 three-stage (early warning → detailed → final), and IMO SMS chain (Captain → DPA → Company → Flag State).

System Integration

Connects to What You Already Have

NCoDE works with your existing systems. No rip-and-replace. It sits on top of your infrastructure and unifies the data into one command interface.

Navigation Sensors

NMEA 2000, NMEA 0183 - GPS, depth, heading, speed, weather

Engine & Industrial

Modbus, J1939, CAN Bus - RPM, temperatures, pressures, run hours

🎥

CCTV Cameras

RTSP, ONVIF - live streams and 72-hour DVR recording

📡

Network Equipment

Peplink, VSAT, LTE/5G - bandwidth, signal, device tracking

🔒

Identity Directory

LDAP - user accounts, roles, permissions, certifications

🛡

Security Platform

Wazuh SIEM - vulnerability scans, alerts, compliance checks

💧

Tank Systems

Fuel, water, grey water, black water - levels and alarms

Power Systems

Battery banks, generators, shore power - voltage, charge state

Governance & Compliance

Ten Modules Built for Auditors

NCoDE includes dedicated compliance modules that map directly to USCG, IMO, NIS2, ISM, and classification society requirements. Each module generates the evidence an inspector expects.

🛡 Maritime Cyber Compliance

Multi-framework compliance tracking, key personnel management, incident response workflow, penetration test scheduling, and NRC reporting - all in one module.

USCG 33 CFR 101 IMO MSC-FAL.1 EU NIS2

Risk Register

5×5 likelihood-impact risk matrix with mitigation tracking, risk ownership, and review scheduling. The formal risk assessment required by ISM Code and USCG cyber rules.

ISM Code 1.2.2 USCG §101.645

📄 Document Vault

Controlled document storage with version history, expiry tracking, access logging, and role-based permissions. ISM-compliant document management.

ISM Code 11 Classification

Change Management

Full change control workflow: request, review, approve, implement, rollback. Every modification to safety-critical systems documented and authorised.

ISM Code 10 USCG §101.650

👥 Vendor Tracker

Third-party vendor assessment with security scoring, remote access logging, Data Processing Agreement tracking, and access control.

USCG §101.650 EU NIS2 Art. 21(2)(d)

🔒 LDAP Administration

User access control with roles, permissions, groups, and certification tracking. Every login audited. Every permission documented.

ISM Code 12 ISPS Code USCG §101.650

🔧 Patch Lifecycle Management

Full state machine: open → scheduled → applied → verified. Deferred patches auto-create risk entries. Applied patches generate change management records. Wazuh SCA import for automated findings.

USCG §101.650(e) NIS2 Art. 21(2)(e) ISM 10.1

💾 Backup & Recovery

Schedule tracking with RPO and RTO targets per system. Verification records with restore testing. Overdue detection at 1.5× warning and 2× critical frequency thresholds.

USCG §101.650(c) NIS2 Art. 21(2)(c) IMO §4.5

🎓 Training Matrix

Crew-by-certification grid with 30, 60, and 90-day expiry warnings. Per-role compliance percentage. Bulk assignment after drills. Fully integrated with LDAP crew directory.

USCG §101.665 ISM Code 6 STCW

🛡 Software Allowlist

Per-agent software baseline management. Global allowlist for approved packages. Automated violation detection when unapproved software appears on any monitored endpoint.

USCG §101.650(b) NIS2 Art. 21(2)(e)
Who Uses NCoDE

Every Role in the Compliance Chain

NCoDE serves everyone from the master on the bridge to the DPA in the shore office - giving each role the view they need.

🚢

Vessel Operators

Single platform for operational safety, cyber compliance, and crew management

💻

Cyber Security Officers

Complete cyber risk management with vulnerability scanning and incident response

📝

DPA / Shore Management

ISM compliance evidence, audit logs, and document control from one system

🔎

Inspectors & Surveyors

Audit-ready evidence for every regulatory framework in a structured format

🏢

Shore-Based Operators

Submit regulatory reports, approve patches and changes, manage vendors and training — all remotely while the crew runs the ship

🌎

Fleet Managers

Aggregated compliance across all vessels via NCoDE Fleet. Drill down to individual vessel status and comparative analytics

Ready to be audit-ready?

NCoDE Command brings your vessel's operations, cyber security, and regulatory compliance into one unified platform. One interface. Every system. Complete governance.

Request a Demo Contact Us
🖥
Technical Deep Dive
View Product Capabilities →
Regulatory Mapping
View Compliance Matrix →