Curated resources for the EU Cyber Resilience Act (Regulation 2024/2847): regulation, harmonised standards, EUCC, SBOM, vulnerability management, conformity assessment
-
Updated
May 25, 2026
Curated resources for the EU Cyber Resilience Act (Regulation 2024/2847): regulation, harmonised standards, EUCC, SBOM, vulnerability management, conformity assessment
Automated CVE alerting/reporting tool based on ENISA vulnerability database
Comprehensive and zero dependency Go library for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.
The most comprehensive open-source mapping of OWASP GenAI risks to industry frameworks - 70 mapping files, 25 frameworks, 1,016 controls, 125 incidents, ML classifier pipeline. Source lists: LLM Top 10, Agentic Top 10, DSGAI 2026. EU AI Act, NIST, ISO, SOC 2, FedRAMP, DORA, OT/ICS, MITRE ATLAS.
Data summarization of the European Cybersecurity Skills Framework (ECSF) from The European Union Agency for Cybersecurity (ENISA).
CLI tool for BSI TR-03183-2 SBOM generation, enrichment, validation, and submission. CycloneDX 1.6 / SPDX 2.3 compliant. AGPL-3.0 licensed.
Go vulnerability data aggregator with EU CRA compliance - 28 providers including EU-specific feeds (KEV, EUVD, BSI CERT-Bund, CERT-FR)
Open NIS 2 supply-chain security questionnaire as a typed Zod schema. 59 fields across 6 sections, anchored to NIS 2 Art. 21(2), CIR 2024/2690, ENISA Technical Implementation Guidance, GDPR Art. 28 and the Cyber Resilience Act. Includes JSON and JSON Schema artefacts.
Rust client library for ENISA's European Union Vulnerability Database (EUVD). Async API with rate limiting, typed models, and full search/advisory support.
Open-source CRA/NIS2 compliance reporting server — SBOM management, vulnerability scanning (VulnzMatcher), VEX lifecycle, CSAF advisory generation, audit trail, and ENISA submission. AGPL-3.0 licensed.
Presentation for the ENISA event How to achieve the Interoperability of EU Risk Management Frameworks.
Open-source CLI for preparing EU Cyber Resilience Act (Regulation 2024/2847) Article 14 notifications for the ENISA Single Reporting Platform.
EU CRA Article 14 actively-exploited-vulnerability reporter - ENISA + CSIRT payload. 11 Sept 2026 cliff. MIT. By MEOK AI Labs.
Curated open index of EU cybersecurity and data protection compliance resources: NIS 2, GDPR, DORA, EU AI Act, Cyber Resilience Act and ePrivacy. Official regulations, ENISA and BSI IT-Grundschutz guidance, national authorities, open-source schemas and toolkits.
MCP server for CTI and cyber jargon disambiguation — MITRE ATT&CK, OFAC SDN, and a hand-curated cross-vendor threat-actor alias map, with FTS5 full-text search across sources
GDPR Breach Response Sentinel Agent Skill (open standard) — ENISA severity assessment, EDPB case matching, Art. 33/34 notification support, audit-ready .docx generation
Add a description, image, and links to the enisa topic page so that developers can more easily learn about it.
To associate your repository with the enisa topic, visit your repo's landing page and select "manage topics."