Erdo CRA Compliance

Run automated scans against EU Cyber Resilience Act requirements, GDPR technical obligations, and NIS2 security controls. Get a colour-coded pass/fail/warning report.

A central hub showing your compliance score across all three regulations, outstanding issues, and improvement history over time.

Export a professionally formatted PDF report listing all scanned controls, their status, and remediation steps. Ready to share with clients or auditors.

Automatically generate a Vulnerability Disclosure Policy — a CRA requirement. Published at a standard URL and formatted to RFC 9116.

Generate a Software Bill of Materials listing all active plugins and their versions. Required under CRA for connected products sold in the EU.

Create and host a security.txt file at /.well-known/security.txt — a CRA requirement that tells security researchers how to report vulnerabilities.

Run Your First Scan

Install the plugin and click "Run Compliance Scan". It checks your site against CRA, GDPR, and NIS2 requirements in under 60 seconds.

Fix the Issues

The dashboard lists every failing control with an explanation and step-by-step remediation guide. Fix issues one by one.

Generate Documentation

Once your score improves, generate your VDP, SBOM, security.txt and conformity declaration — all required documents in one place.

What's included — free

• + Initial release
• + CRA / GDPR / NIS2 compliance scanner
• + Visual compliance dashboard
• + PDF audit report export
• + VDP, SBOM, security.txt generators
• + EU Conformity Declaration template