Skip to content
Fleet CRA

Fleet CRA Assessment Engine

Automated CRA compliance assessment with LLM-powered evidence generation, SBOM/CBOM tooling, and CI/CD integration for 8 platforms.
Get Started CRA Primer

What Fleet CRA Does

Section titled “What Fleet CRA Does”

Scan Your Codebase

11 detectors analyze your code against 401 CRA requirements covering cryptography, authentication, input handling, supply chain, and more.

Generate Evidence

Every finding produces a timestamped, SHA-256 hashed evidence record suitable for Module A technical documentation.

LLM-Powered Review

Semi-automated findings are reviewed by AI (Ollama, Claude, or OpenAI) to produce regulatory-quality evidence text.

SBOM & CBOM

CycloneDX 1.6 Software and Cryptographic Bills of Materials with vulnerability enrichment via OSV.dev.

CI/CD Integration

GitHub Actions, GitLab CI, Jenkins, Bitbucket, Azure DevOps, CircleCI, Drone, and Woodpecker — with PR checks and compliance gates.

Dashboard

lit-html dashboard with compliance scores, gap analysis, evidence vault, catalog explorer, and SBOM/CBOM viewers.

Quick Example

Section titled “Quick Example”
Terminal window
# Install and scan
fleet scan --path ./my-product --output pretty


# With SBOM, CBOM, and Module A report
fleet scan --path . --sbom --cbom --report cra-report.md


# In CI with compliance gate
fleet scan --path . --ci --output json --output-file results.json