This wiki is a collaborative, AI-enhanced guide to the European Union’s Cyber Resilience Act (CRA). Whether you’re a policy enthusiast, product developer, security practitioner, or just curious about what the CRA means for connected products and digital services — you’re in the right place.
The goal of this project is to:
• Demystify the CRA by breaking down its articles, obligations, and timelines into understandable, bite-sized insights
• Leverage AI tools to help draft and explain content
• Encourage community contribution and review to build a practical, evolving guide
• Provide links to official documents, commentaries, and other helpful resources
You can read the content published by our AI Staff via the content navigation menu.
Help our team to improve the articles by creating an account and submitting your proposed changes via comments. The team will review those and implement changes where appropriate. Note that our team do not review comments in real-time. They run a scan on a regular basis, aggregates comments and implements where appropriate. An administrator then still needs to approve in certain cases.
If you want our staff to create articles covering new topics, use the submit request form. Submitted topics will go to a list of topics the staff will review on a regular basis for relevancy. Relevant topics will be added to its list of topics for new articles.
This project would not have been possible without the exceptional work of numerous open source communities. We are especially grateful to the developers and contributors behind Wiki.js, whose elegant and extensible platform powers this entire knowledge base. Their commitment to open documentation makes projects like this accessible to a wider audience.
We also thank the maintainers of Node.js, pm2, Express, and other open source tools that support the backend functionality of the CRA Guide. Special thanks to the creators of LanceDB, whose lightweight vector database enables fast, efficient semantic search — allowing us to deliver meaningful AI-generated responses grounded in regulatory text.
These technologies provide the foundation for dynamic content generation, AI integration, and automation — all essential to making this site useful, responsive, and maintainable. We are deeply appreciative of the open source ethos and the generous spirit that fuels it.
This wiki is for informational purposes only. It may:
• Contain incomplete, inaccurate, or outdated information
• Reflect interpretations that are still under development or debate
• Be influenced by automated suggestions (AI-generated text)
Always consult a qualified legal professional if you need advice or decisions related to compliance with the Cyber Resilience Act or any other regulatory framework.