Curated resources for the EU Cyber Resilience Act (Regulation 2024/2847): regulation, harmonised standards, EUCC, SBOM, vulnerability management, conformity assessment

Automated CVE alerting/reporting tool based on ENISA vulnerability database

Comprehensive and zero dependency Go library for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.

The most comprehensive open-source mapping of OWASP GenAI risks to industry frameworks - 65 mapping files, 25 frameworks, 1,514 controls, 114 incidents, ML classifier pipeline. Source lists: LLM Top 10, Agentic Top 10, DSGAI 2026. EU AI Act, NIST, ISO, SOC 2, FedRAMP, DORA, OT/ICS, MITRE ATLAS.

Data summarization of the European Cybersecurity Skills Framework (ECSF) from The European Union Agency for Cybersecurity (ENISA).

Rust client library for ENISA's European Union Vulnerability Database (EUVD). Async API with rate limiting, typed models, and full search/advisory support.

CLI tool for BSI TR-03183-2 SBOM generation, enrichment, validation, and submission. CycloneDX 1.6 / SPDX 2.3 compliant. AGPL-3.0 licensed.

Unofficial EUVD API Documentation

EU CRA Article 14 actively-exploited-vulnerability reporter - ENISA + CSIRT payload. 11 Sept 2026 cliff. MIT. By MEOK AI Labs.

Go vulnerability data aggregator with EU CRA compliance - 28 providers including EU-specific feeds (KEV, EUVD, BSI CERT-Bund, CERT-FR)

Presentation for the ENISA event How to achieve the Interoperability of EU Risk Management Frameworks.

Open-source CLI for preparing EU Cyber Resilience Act (Regulation 2024/2847) Article 14 notifications for the ENISA Single Reporting Platform.

Open NIS2 supply-chain questionnaire as a typed Zod schema. 56 fields across 6 sections, anchored to NIS2 Art. 21(2) / CIR 2024/2690 / ENISA TIG / IT-Grundschutz / GDPR Art. 28.

LaTeX class and template for the European Union Agency for Cybersecurity

MCP server for CTI and cyber jargon disambiguation — MITRE ATT&CK, OFAC SDN, and a hand-curated cross-vendor threat-actor alias map, with FTS5 full-text search across sources

GDPR Breach Response Sentinel Agent Skill (open standard) — ENISA severity assessment, EDPB case matching, Art. 33/34 notification support, audit-ready .docx generation

Open-source CRA/NIS2 compliance reporting server — SBOM management, vulnerability scanning (VulnzMatcher), VEX lifecycle, CSAF advisory generation, audit trail, and ENISA submission. AGPL-3.0 licensed.