Six Compliance Modules
Everything you need to meet your EU Cyber Resilience Act obligations — assessment, reporting, SBOM, vulnerabilities, disclosure, and board reporting.
CRA Assessment
Guided 12-question wizard to determine if the CRA applies, your product classification, and your conformity route. Export a branded PDF for auditors.
Learn more →Incident Reporting
Article 14-compliant workflows with stage-gated forms: early warning (24h), detailed report (72h), and final report. Automated email alerts before each deadline.
Learn more →SBOM Generation
Automated CycloneDX SBOM creation from GitHub repositories or ZIP uploads, with version tracking, diff analysis, and per-product scan history.
Learn more →Vulnerability Scanning
Continuous scanning against NVD, EUVD, OSV, and GitHub Advisory databases. EPSS exploitation-probability scoring, VEX statement generation, and risk dashboards.
Learn more →Vulnerability Disclosure Portal
A public-facing disclosure page for each product — no account required for reporters. Submissions auto-create Article 14 incidents for analyst triage.
Learn more →Board Compliance Reports
On-demand PDF reports designed for board-level review. Covers overall RAG status, per-product posture, risk exposure, and upcoming Article 14 deadlines.
Learn more →