Partner Programme

Build the CRA compliance ecosystem with us

CVD Portal works with testing laboratories, security consultancies, technology vendors, and resellers to help manufacturers and software publishers meet their Article 14 obligations. Our partner programme creates commercial and technical relationships that extend reach and deepen compliance outcomes for shared clients.

Partnership models

We support four distinct partnership structures depending on your organisation's role in the product security ecosystem.

Testing & Certification Labs

Security evaluation laboratories and certification bodies that assess products for CRA compliance. Partner to recommend CVD Portal to clients preparing for or undergoing conformity assessments.

  • Refer clients to CVD Portal as part of CRA audit readiness
  • Bundle disclosure infrastructure with certification packages
  • Joint guidance on Article 14 compliance requirements
  • Co-authored readiness checklists for IoT and embedded products

Security Consultancies

Independent security consultancies and advisory firms that help manufacturers and software publishers design CRA-compliant vulnerability management processes.

  • Implement CVD Portal as part of client engagements
  • Design and optimise vulnerability disclosure workflows
  • Regulatory readiness and gap analysis advisory
  • SBOM and HBOM governance support

Technology Partners

Product security platforms, SBOM tooling, and DevSecOps solutions that integrate with CVD Portal to connect internal vulnerability tracking with external disclosure workflows.

  • API integration between SBOM/SCA tools and CVD Portal
  • Bidirectional vulnerability lifecycle synchronisation
  • Automated CSAF advisory generation
  • Joint product security dashboards for manufacturers

Resellers

Managed security service providers and regional distributors that package and deliver CVD Portal to their customer base as part of a broader compliance offering.

  • License and distribute CVD Portal to client organisations
  • Local sales, onboarding, and first-line support
  • Industry and regional specialisation
  • Co-marketing and pipeline development support

Why partner with CVD Portal?

The Cyber Resilience Act creates a structural demand for vulnerability disclosure infrastructure across thousands of manufacturers and software publishers in the EU. Our partners are positioned to capture that demand.

01

Accelerate client compliance

Give clients a ready-made Article 14 disclosure infrastructure. No build time, no maintenance overhead.

02

Expand your CRA service portfolio

Add a concrete, auditable deliverable to your advisory, testing, or managed service offering.

03

Revenue share and referral terms

Formalised commercial arrangements for resellers and referral partners, with clear margin structure.

04

Co-marketing and thought leadership

Joint webinars, whitepapers, and conference appearances to build visibility in the CRA compliance market.

05

Technical integration support

Dedicated API documentation and engineering support for technology integration partnerships.

Become a partner

Tell us about your organisation and the partnership model you have in mind. We respond within 2 business days.

Optional

Optional

We only use your information to assess and manage your partner inquiry.