Stay Ahead of the
Cyber Resilience Act with CRAken
The complete Vulnerability Disclosure Program (VDP) platform. Collect, manage, and analyze vulnerability reports to ensure compliance with EU regulations.
The Cost of Non-Compliance
The Cyber Resilience Act isn't just a guideline—it's a regulation with sharp teeth. Failing to comply puts your business at significant financial and operational risk.
Massive Fines
Penalties can reach up to €15 Million or 2.5% of global turnover, whichever is higher, for non-compliance with essential security requirements.
Reporting Violations
Failure to report actively exploited vulnerabilities or severe incidents within the strict deadlines (24 hours) can result in fines up to €10 Million or 2% of turnover.
Market Withdrawal
Perhaps most critically, national surveillance authorities have the power to prohibit or restrict the making available of non-compliant products on the EU market.
Everything you need for CRA Compliance
Discover how CRAken helps you manage vulnerability reports, ensure compliance, and protect your software supply chain.
Secure Intake & Reporting. Standardized vulnerability collection.
Offer a secure channel for researchers to report vulnerabilities. Use our generator to create your security.txt file and ensure compliance with the Cyber Resilience Act (CRA) instantly. This covers the mandatory Single Point of Contact (SPOC) requirement for vulnerability handling.
Secure submission forms to protect sensitive vulnerability data.
Generate the standard security.txt file to guide security researchers, as required by EU standards.
Adapt the Vulnerability Disclosure Policy to your company's requirements.
Smart Triage & Analytics. Manage reports efficiently.
A centralized dashboard to triage, analyze, and resolve vulnerability reports with team collaboration tools. Meet strict CRA reporting deadlines (e.g., 24h early warning) with automated SLA tracking and efficient workflows.
Integrated CVSS calculator to accurately assess severity.
Monitor Mean Time to Triage (MTTT) and Mean Time to Resolution (MTTR) to ensure compliance.
Assign reports, comment internally, and manage statuses.
Compliance Reports. Proof for audits and regulators.
Generate comprehensive certificates and PDF reports to demonstrate your compliance with the Cyber Resilience Act. Move beyond spreadsheets and ensure full traceability of every vulnerability handling action.
One-click generation of compliance reports for any time period.
Full traceability of actions taken on every report for audit purposes.
Full ownership of your data with JSON export capabilities.
Pricing
Choose the plan that works best for you.
Starter
- Vulnerability Disclosure Policy
- Vulnerability submission form
- CRA compliant reports (PDF+JSON)
- Security.txt file generator
- High-level dashboard
- Up to 4 products
- Password with 2FA, passkeys, Social Login
- Support by email
Business
- All starter features
- Unlimited products
- Delegation of triage & analysis to a CRAken's expert (optional)
- Integration to Github, Gitlab, Slack, Teams
- Priority support by email (48h)
Enterprise
- All Business plan features
- Volume-based pricing for report delegation
- Multi-tenancy
- On-Premise or dedicated instance
- Enterprise support (teams, slack, ...)
Frequently asked questions
Do you have any questions? We have got you covered.