
EU CRA Requirements

  • Secure by Design: All digital products must be developed following a Secure Development Lifecycle to minimize vulnerabilities during production
  • Vulnerability Management: Implement processes to identify, mitigate, & report vulnerabilities within 24 hours to the European Union Agency for Cybersecurity (ENISA)
  • Regular Security Updates: Products must receive security updates throughout their expected lifecycle, with a minimum of five years of support
  • Transparency: Must provide clear & accessible documentation, including a software bill of materials (SBOM), user instructions, & security labeling, to help consumers make informed choices
  • Conformity Assessments: Depending on the product's risk category, self-assessments or third-party evaluations may be required to demonstrate compliance with the CRA’s requirements