CVD Portal · CRA Compliance Verification
Portaregulus
CRA Article 14 · September 2026 Deadline
CVD Reporting Requirement Met
Verified 3 June 2026
✓
September 2026 Artifact Groups
1
Public Intake Channel
EN 40000-1-3 §5.3.3.4, §5.4.2.4
Publicly accessible way for researchers and users to report vulnerabilities.
- ▸Branded submission portal — live
- ▸Machine-readable security.txt at /.well-known/security.txt
- ▸Published CVD policy (scope, safe-harbour, SLAs, contact)
2
Internal Triage Playbook
EN 40000-1-3 §5.3.2.4
Documented rules for who verifies a report and who files the ENISA notification.
- ▸48h SLA tracking with coordinator assignment and breach alerts
- ▸One-click ENISA Article 14 notification (24h / 72h / 14d)
- ▸Vulnerability Handling Procedure — signed and on file
3
Paper Trail
EN 40000-1-3 §5.5.2.4, §5.4.3.4
Proof that each report was evaluated and a deliberate decision was made.
- ▸Immutable append-only audit log (actor, timestamp, IP, country)
- ▸Per-submission communication log
- ▸ENISA report export and CSAF 2.0 advisory generation
This verification is generated automatically from live CVD Portal infrastructure data for Portaregulus. It reflects the company's current compliance status and updates in real time.
Provided under CVD Portal trust and security policy · cvdportal.com