CRA Cybersecurity Testing Service
Testing Support Based on Emerging CRA Horizontal and Vertical Standards
We help manufacturers, brand owners and product developers prepare technical evidence for CRA compliance, conformity assessment and customer security review.
Our service focuses on translating CRA requirements and emerging harmonised standards into practical, testable and reviewable technical evidence.
The EU Cyber Resilience Act (CRA) introduces mandatory cybersecurity requirements for products with digital elements placed on the European market. Our service focuses on translating CRA requirements and emerging harmonised standards into practical, testable and reviewable technical evidence.
Horizontal Standards: EN 40000-1-x Series
Horizontal standards define common cybersecurity principles and generic security requirements applicable across different product categories.
- prEN 40000-1-1Vocabulary
- prEN 40000-1-2Principles for Cyber Resilience
- prEN 40000-1-3Vulnerability Handling
- prEN 40000-1-4Generic Security Requirements
Support secure-by-design, secure-by-default, vulnerability handling, security update management, lifecycle security and technical documentation.
Vertical Standards: ETSI EN 304 6xx Series
Vertical standards define detailed cybersecurity requirements for specific product categories, software components or digital elements.
- ETSI EN 304 617Browsers
- ETSI EN 304 618Password Managers
- ETSI EN 304 619Anti-virus & Anti-malware
- ETSI EN 304 620VPN
- ETSI EN 304 621Network Management
- ETSI EN 304 622SIEM
- ETSI EN 304 623Boot Managers
- ETSI EN 304 624PKI & Digital Certificate
- ETSI EN 304 625Network Interfaces
- ETSI EN 304 626Operating Systems
- ETSI EN 304 627Routers, Modems, Switches
- ETSI EN 304 635Virtualisation & Containers
- ETSI EN 304 636Firewalls, IDS & IPS
The applicable vertical standard depends on the product category, software functionality, component type and use case.
CRA Testing Service Scope
Requirement Mapping
Map CRA requirements and applicable standards to your product and architecture.
Security Assessment
Evaluate security controls, configurations and implementation.
Vulnerability Testing
Identify vulnerabilities in software, firmware and connected components.
Evidence Collection
Collect test evidence, logs and documentation for compliance.
Reporting & Review
Provide technical reports and recommendations for improvement.
Compliance Support
Support conformity assessment and customer security review processes.
Why Choose The One Lab
CRA-focused
Testing approach aligned with emerging standards.
Multidisciplinary Team
Security experts, testers and compliance specialists.
Practical Evidence
Deliver usable and reviewable technical evidence.
Global Perspective
Support global products entering the EU market.
End-to-End Support
From requirement to testing, evidence and compliance.
Not Sure Where to Start?
Request a free initial consultation or product assessment.
Our experts are here to help.