Incident Reporting
Meet Article 14 deadlines — never miss a submission window.
Article 14 of the CRA requires manufacturers to report actively exploited vulnerabilities and incidents to ENISA within strict time windows: 24h early warning, 72h detailed report, and a final report within 14 days of patch availability (or 1 month from discovery). CRAReady tracks all three deadlines per incident and alerts you before they pass.
Start Managing IncidentsEverything you need
Visual timeline showing all three Article 14 deadlines per incident
Stage-gated report forms: early warning → detailed → final
Countdown timers for each upcoming deadline
CSAF advisory builder with real-time csaf-validator-lib validation
Export CSAF 2.0 JSON files ready for ENISA submission
How it works
1
Log the incident
Record discovery date and product — CRAReady calculates all three Article 14 deadlines instantly.
2
Submit staged reports
Fill each stage form within its window. CRAReady enforces the correct submission order.
3
Export your CSAF advisory
Build and validate a CSAF 2.0 document, then download it for submission.
Ready to get started?
Join manufacturers already using CRAReady to manage their CRA compliance obligations.
Start Managing Incidents