🟡 This is a CRAdar demo.
You are connected to a DEMO instance.
⚠ Don't trust any number on this site for production decisions.
- All product data is fictional. Vendor names, CVEs assigned to those products, advisory drafts, and compliance scores were seeded for demo purposes.
- AI features may be disabled. AI VEX recommender / threat suggester / SDS generator may be read-only stubs on this stack.
- Reset on demand. Demo data can be wiped at any moment by the operator — bookmarked URLs may 404.
- No live customer integration. SMTP / Slack / GitHub upstream / ENISA SRP are simulated; nothing leaves this box.
- Search engines blocked. robots.txt blocks all crawlers + every page has a
noindexmeta tag. This page should never appear in Google. - Self-advisory feeds disabled. The CSAF provider metadata, OpenVEX documents, and Atom release feed (the routes a real CRAdar tells the world "here are my own vulnerabilities") all return 404 on demo so this fictional data never gets indexed by aggregators like CISA / OASIS.
What CRAdar actually is
CRAdar is an EU Cyber Resilience Act (Regulation 2024/2847) conformity automation platform — SBOM ingestion, vulnerability correlation, OpenVEX / CSAF authoring, Annex VII bundle export, IEC 62443-4-1 evidence collection. It is installed on customer infrastructure (on-prem or customer cloud); the production instance you license is not this demo box.
Want a real conversation?
Drop a note via the public CVD trust page — /security — or reach out via the contact on the production site at cradar.example. We don't run any sales widgets on this demo so the only way we hear from you is if you explicitly reach out.
Environment label: DEMO · Built from the same source tree as production, just with a different .env. See the CRAdar repository for the source.