Information for Citizens
The Cyber Resilience Act (CRA) is a landmark regulation that ensures hardware and software products entering the European market are secure. We help translate these requirements into safety for you.
What is Coordinated Vulnerability Disclosure (CVD)?
CVD is a process where security researchers find flaws in products and report them to manufacturers before they can be exploited by malicious actors. This coordination allows for patches to be developed and distributed privately.
As a citizen, CVD means your smart devices, apps, and software are continuously being tested and hardened against attacks, with a legal framework ensuring companies act on these findings.
How the CRA Protects You
- Mandatory Security: Manufacturers must ensure products are secure at the point of sale.
- Lifetime Support: Products must receive security updates for their expected lifetime.
- Transparency: You have the right to know about serious security vulnerabilities and how to fix them.