Updated CVD Portal to empower the EU Economic Ecosystem
The revised CVD Portal infrastructure framework renews our approach to engagement with industry partners. It strengthens the alignment to the EU's cybersecurity policies and the promotion of CRA compliance standards...
EU Cyber Resilience Act Compliance Roadmap
CRA Published
Regulation (EU) 2024/2847 enters into force
Enforcement Begins
Mandatory compliance for all products in scope
Full Enforcement
All provisions applicable, legacy products included
Three Pillars of CRA Compliance
A complete vulnerability disclosure infrastructure designed for economic operators subject to the Cyber Resilience Act.
24/72/14 Reporting
Automatic acknowledgment within 24 hours, vendor notification within 72 hours, and coordinated disclosure within 14 days — all aligned with ENISA guidelines.
Single Point of Contact
A unified, branded vulnerability intake portal for your organization. Security researchers submit reports through a standardized, encrypted channel.
ENISA-Aligned Triage
All submissions follow ENISA coordinated vulnerability disclosure (CVD) best practices with CVSS scoring, reporter communication, and mitigation tracking.