Scan your firmware, source code, and RTOS configuration — then map findings to all 21 CRA requirements with a prioritized remediation roadmap.
From source code analysis to auditor-ready documentation — purpose-built for embedded systems, not adapted from web-app scanners.
Auto-detects your platform and runs targeted checks. Zephyr Kconfig, STM32 CubeMX .ioc, FreeRTOS config, Nordic nRF5, Mbed OS, RTX5 — plus generic Cortex-M hardening for any project.
Maps every finding to all 21 Annex I requirements. See exactly what's compliant, what's partial, and where the gaps are — with a prioritized remediation roadmap and effort estimates.
Binary hardening checks (NX, PIE, canaries), weak crypto detection, secrets scanning, unsafe C patterns, compiler flag validation, and linker script analysis.
Generate EU Declaration of Conformity drafts and Technical Documentation skeletons per CRA Annex IV/V — pre-filled from your scan results, in HTML and PDF.
Auto-generate CycloneDX SBOMs from CMake, npm, pip, Zephyr west, Yocto, and PlatformIO. Scan against NVD/OSV for CVEs. Manage VEX statements with OpenVEX and CSAF export.
Share hash-verified compliance snapshots with auditors and notified bodies via secure, expiring links with SHA-256 integrity verification.
Inline diagnostics, compliance status panel, CodeLens hints on Kconfig and .ioc files, and scan-on-save — all without leaving your editor.
Auto-generate pipeline configs for GitHub Actions, GitLab CI, and Bitbucket. Set quality gates that fail builds on critical or high-severity findings.
Point CRAGuard at your project directory and run one command. It detects your platform, creates a config, runs a full scan, and generates your gap analysis report.
CRAGuard auto-detects your project type and runs the right analyzers automatically.
Start free, scale as you grow. All plans include all 21 CRA requirement checks.
Start scanning your embedded products today. No credit card required.