Free CRA tools
Every tool below closes a real checklist item from the Risk Check. Free, no signup, no data stored.
SBOM vulnerability scanner
Upload a CycloneDX or SPDX SBOM, get known vulnerabilities from the OSV database plus a license summary. Runs live, no signup.
Art. 14 reporting deadline calculator
Actively exploited vulnerability or severe incident? Compute your 24h / 72h / final-report deadlines and get pre-filled ENISA report drafts.
security.txt generator
RFC 9116-compliant security.txt in 30 seconds — the cheapest CRA checklist point you'll ever score.
CVD policy generator
A coordinated vulnerability disclosure policy is a hard Annex I requirement. Generate a solid one from five inputs.
EU Declaration of Conformity generator
The Annex V declaration skeleton for default-class products, generated from your product details.