OSCRAT EU Project Presentation

The Cyber Resilience Act introduces new

cyber security obligations for products

with digital elements placed on the

European market. For many European small

and medium-sized enterprises,

understanding and complying with these

requirements can be complex and resource

inensive.

Manufacturers and developers are

required to improve product security

from design through the entire life

cycle, ensuring transparency,

resilience, and safe use of digital

products. However,

often lack the practical tools and

structured guidance needed to address

these challenges effectively.

Oscrat stands for open-source cyber

resilience act tools. It is a digital

Europe project funded by the European

Union designed to supportmemes with

practical open-source tools for cyber

resilience act compliance.

The main objective of OSCRAT is to

simplify CRA compliance by providing

accessible tools for cyber security risk

management documentation and regulatory

alignment. At the same time, the project

promotes collaboration between small and

medium-sized enterprises, cyber security

experts, and relevant stakeholders

across Europe.

The Oscrat platform supports small and

medium-sized enterprises across key

areas of CRA compliance. These include

automated compliance assessments,

software bill of materials generation,

structured vulnerability management,

incident handling aligned with European

reporting requirements and centralized

technical documentation.

The tool guides users through a

structured process starting from product

classification followed by automated

checklists, SBOM generation,

vulnerability assessment, incident

evaluation, and documentation

management. This approach helpsmemes

address CRA obligations in a clear and

systematic way.

OSgrat provides an intuitive platform

where organizations can manage products,

track compliance activities, and

maintain all relevant cyber security and

regulatory information in one place.

SMMES are at the heart of Oscrat.

Through the project, they gain early

access to practical tools that simplify

cyber resilience act compliance, helping

reduce both time and costs. By joining

the testing phase, SMEES can directly

strengthen their cyber security posture

through vulnerability identification,

incident management, and automated

documentation. Their feedback also helps

shape an open-source solution that

improves digital security and resilience

across the European market.

Co-unded by the European Union, views

and opinions expressed are however those

of the authors only and do not

necessarily reflect those of the

European Union or the European Cyber

Security Industrial Technology and

Research Competent Center.

On this channel, we will share project

updates, training sessions, workshops,

and demonstrations of the Oscrat tools.

Follow the project to stay informed and

discover how Oscrat can support your

journey towards Cyber Resilience Act

compliance.