Plattform-Funktionen
Alles was Sie brauchen, um EU CRA Compliance zu erreichen und aufrechtzuerhalten. Entdecken Sie unsere umfassende Suite von Tools mit Echtzeit-Benachrichtigungen und Team-Zusammenarbeit.
Product Inventory
Manage your entire product portfolio with hierarchical structure, variants, and versions. Classify products per CRA requirements automatically.
Hierarchical Structure
Organize products into families, variants, and versions with full parent-child relationships.
CRA Classification
Guided wizard to classify products as Default, Class I, Class II, or Critical per CRA requirements.
Bulk Import
Import products via CSV or connect to existing PLM systems for automatic synchronization.
Component Tracking
Track shared components across products to understand vulnerability impact.
Version Control
Maintain version history for audit trails and compliance documentation.
Advanced Search
Filter and search across your entire product portfolio with powerful queries.
Key Benefits
- Complete visibility into your product portfolio
- Automatic CRA classification with guided wizards
- Track component usage across all products
- Maintain audit-ready version history
- Import existing data from PLM systems
Product Hierarchy
SBOM Management
Import, store, and analyze Software Bills of Materials in CycloneDX and SPDX formats. Track component dependencies across products.
Multi-Format Support
Import SBOMs in CycloneDX (JSON/XML) and SPDX (JSON/YAML/RDF) formats.
Dependency Tree
Visualize complete dependency trees with transitive dependency tracking.
Auto-Generation
Connect CI/CD pipelines to automatically generate and update SBOMs.
License Analysis
Identify license obligations and potential conflicts across components.
Export & Share
Export SBOMs in standard formats for customers and regulatory bodies.
Change Alerts
Get notified when component dependencies change or new versions are available.
Key Benefits
- Support for all major SBOM formats
- Automatic vulnerability correlation
- License compliance tracking
- CI/CD integration for continuous updates
- Customer-ready export formats
Component Tree
CycloneDX v1.5Vulnerability Tracking
Detect vulnerabilities automatically, track SLAs, meet CRA Article 14 ENISA notification requirements, and manage risk acceptance workflows.
Auto-Detection
Automatically match SBOM components against NVD, OSV, and GitHub Advisory databases.
SLA Tracking
Track time-to-acknowledge, assess, and remediate with configurable SLA targets per severity.
ENISA Notifications
CRA Article 14 compliant: 24-hour deadline tracking for actively exploited vulnerabilities.
Risk Acceptance
Formal approval workflows for accepting risk with audit trail and expiration tracking.
Impact Analysis
See which products are affected and track per-product remediation strategies.
CVD Management
Manage coordinated vulnerability disclosure with security researchers.
Key Benefits
- CRA Article 14 ENISA notification support
- Configurable SLA targets per severity level
- Formal risk acceptance with approval workflows
- Real-time vulnerability detection from multiple sources
- Per-product impact and remediation tracking
CVE-2024-1234
CriticalSecurity Controls
Pre-defined CRA control templates with gap analysis. Map controls to multiple frameworks including IEC 62443 and ISO 27001.
CRA Templates
Pre-built control library aligned with EU CRA essential requirements.
Multi-Framework
Map controls to IEC 62443, ISO 27001, NIST CSF, and custom frameworks.
Gap Analysis
Identify missing controls and prioritize implementation efforts.
Product Assignment
Assign controls to specific products with inheritance support.
Coverage Tracking
Real-time visibility into control implementation status.
Evidence Linking
Connect evidence documents directly to control implementations.
Key Benefits
- Pre-built CRA control library
- Cross-framework compliance mapping
- Automatic gap identification
- Real-time coverage metrics
- Audit-ready evidence linking
CRA Control Coverage
87% CompleteEvidence & Reports
Collect and organize compliance evidence. Generate self-assessment reports and keep your team aligned with real-time alerts.
Evidence Repository
Centralized storage for all compliance documents with version control.
Auto-Collection
Connect CI/CD pipelines to automatically collect test results and scan reports.
Report Generation
One-click self-assessment reports (Konformitätserklärung) with templates.
Audit Packages
Export complete audit packages with all evidence and documentation.
Team Notifications
Real-time alerts via email, Slack, and Teams when action is needed.
Audit Trail
Complete history of all changes with who, what, when, and why.
Key Benefits
- Centralized evidence management
- Automated evidence collection
- One-click compliance reports
- Multi-channel team notifications
- Complete audit trail for compliance
Evidence Library
+ UploadVendor & Customer Portal
Assess supplier CRA compliance, publish security advisories, and share product security info through branded portals.
Vendor Assessments
Assess third-party suppliers against CRA requirements with customizable frameworks.
Security Advisories
Publish and manage security advisories for your customers.
Product Security
Display security features and compliance status per product.
Update Portal
Distribute security updates and patches to customers.
Vulnerability Reporting
Accept vulnerability reports from security researchers.
Branded Portals
Customize portals with your branding for vendors and customers.
Key Benefits
- Supplier CRA compliance tracking
- Professional customer communication
- CRA-compliant disclosure process
- Self-service update distribution
- Security researcher engagement
Security Advisories
Public customer portal
Ready to get started?
Start your free trial today and see how Kunnus can transform your CRA compliance.