While machine-readable formats like CSAF are crucial for automation, clear, human-readable User Advisories remain essential for communicating risk to end-users, system administrators, and the general public. The CVD Portal provides a dedicated environment for drafting, reviewing, and publishing comprehensive security advisories that meet the transparency requirements of the Cyber Resilience Act (CRA).
The portal includes customizable advisory templates that guide you through documenting the necessary information, such as the vulnerability description, impact analysis, affected versions, and clear, step-by-step mitigation instructions. Drafts can be collaboratively edited by security, engineering, and communications teams before final approval. Built-in approval workflows ensure that advisories are thoroughly vetted for accuracy and appropriate tone before public release.
Coordinating the release of a user advisory with the availability of a patch is a delicate process. The portal helps manage this timeline, allowing you to schedule publication to coincide with your public disclosure embargo dates. By providing clear, actionable intelligence to your users, you empower them to secure their environments and demonstrate your organization's commitment to proactive security communication.