PSIRT Services
From organisation to PSIRTaaS: we build your product security incident response — structure, processes, tooling — or run it as a service for you.
The Challenge
With the CRA at the latest, a working PSIRT becomes mandatory: vulnerabilities must be intaken, assessed and published as advisories in a coordinated way — demonstrably and on time. Many organisations lack the structure, experience and capacity to do this. EACG supports the build-up from the first process to a fully-fledged PSIRT — and operates it as PSIRTaaS on request.
From organisation to operations
PSIRT setup & organisation
Roles, processes and governance for a capable product security incident response.
Processes & tooling
CVD, triage, assessment and advisory publication — orchestrated with TrustSource (CVD, CSAF, PSIRT Automation).
PSIRTaaS
We run your PSIRT as a service — from vulnerability intake to the published advisory.