Start building CRA-readiness evidence in hours, not months.
PAXECT Readiness helps small and mid-sized manufacturers and importers of connected devices build technical evidence, identify gaps and follow a controlled path from findings to improvement.
A plug-and-play Readiness Box, encrypted transfer to the PAXECT portal, verification-ready reports, Fix Patterns and a controlled fixing route — built for companies without a large product-security team.
No Linux knowledge. No scanner setup. No heavy enterprise implementation.
For selected B2B early adopters in the EU. VAT number required.
B2B screening notice
PAXECT Readiness is a B2B product for organisations that manufacture, import, distribute or manage connected devices in the EU market.
It is not a consumer product, not a hobby scanner and not a general IT scanning tool.
All Early Bird requests are reviewed before access is granted. We may ask for company details, VAT number, product type and intended use case before providing further information or onboarding.
By submitting an Early Bird request, you confirm that you are requesting information on behalf of a business or organisation, not as a private consumer.
Availability
PAXECT Readiness is currently in active product development and is preparing selected B2B Early Access for EU manufacturers, importers and organisations managing connected devices.
This is not an open public sale and there is no public checkout.
Early Access requests are reviewed manually. Product availability, pilot timing and commercial onboarding will be confirmed only after B2B intake, scope review and legal/commercial agreement.
CRA is coming. Smaller manufacturers need practical evidence.
The Cyber Resilience Act introduces new cybersecurity obligations for products with digital elements. Reporting obligations start from 11 September 2026, and the main CRA obligations apply from 11 December 2027.
For many smaller manufacturers and importers, the challenge is practical:
- no dedicated product-security team
- no time for complex enterprise implementation
- limited budget
- firmware and device evidence scattered across suppliers
A report alone is not enough.
Companies need to prove what is inside a product and show what happens after a finding is discovered: follow-up, validation and audit.
PAXECT Readiness: box-first CRA-readiness for connected devices.
PAXECT Readiness combines a local Readiness Box with a secure cloud environment.
The Readiness Box is designed as a ready-to-use local appliance. During onboarding, it is connected, activated and used to start building technical evidence for connected devices.
Customers do not need Linux knowledge, security tooling experience or a dedicated product-security team to get started.
Live device scan
For Linux-based devices available on the local network.
Firmware image analysis
For firmware files, even when no active device is available.
PAXECT Readiness does not stop at a report.
The report is the evidence layer. The Fix Pattern Library gives a managed route toward improvement. Controlled fixing is available only when approved by the customer.
No automatic changes without approval. No uncontrolled remediation. No “black box” fixing.
Product route
What you get
Readiness Box, encrypted transfer, secure cloud archive, verification-ready reports, structured portal, Fix Patterns and a controlled fixing route.
Readiness Box
A dedicated local appliance for scanning and evidence collection. It is designed as a practical business appliance, not as a technical DIY kit.
Encrypted transfer
Reports and scan evidence are transferred from the Readiness Box to the PAXECT environment through a secure, encrypted transfer path.
Secure Cloud Archive
A cloud environment for report archive, scan history, ownership records, audit trail and report fingerprints.
Verification-ready reports
Each official PAXECT report can be linked to the registered Readiness Box, organisation, licence, scan run, report fingerprint and audit trail.
Structured Report Portal
Reports are stored in a structured portal, so customers can keep scan history, findings, fingerprints and audit evidence organised.
Fix Patterns and controlled fixing
Findings are connected to managed Fix Patterns. When fixing is needed and approved, PAXECT supports scoped improvement, validation, rollback path and audit logging.
How it works
Three practical steps from activation to controlled follow-up.
Activate your Readiness Box
Receive the PAXECT Readiness Box, connect it to your environment and activate it through your business account.
Scan your device or firmware
Scan a live Linux-based device or analyse a firmware image without an active device.
Review and act
Review findings, evidence and Fix Patterns in the PAXECT portal. When needed, choose a controlled improvement route.
Why PAXECT is different
PAXECT does not issue legal CRA certification. PAXECT helps build technical evidence, identify gaps and document a controlled route toward improvement.
| Traditional enterprise approach | PAXECT Readiness |
|---|---|
| Often built for large product-security teams | Built for smaller manufacturers and importers |
| Heavy onboarding | Plug-and-play Readiness Box |
| Specialist setup often required | No Linux knowledge required |
| Often stops at assessment and reporting | Evidence → Fix Pattern → controlled improvement route |
| Internal reports only | PAXECT verification-ready reports |
| Reports may be hard to verify later | Report fingerprint and audit trail |
| Complex for smaller teams | Practical B2B workflow |
| Open-ended consulting model | Box + product line plan + credits |
Current support and roadmap
The Early Access scope focuses on Linux-based device and firmware readiness and is designed to grow toward full product line readiness evidence.
| Area | Status |
|---|---|
| Linux live device scan | Early Access scope |
| Linux firmware image analysis | Early Access scope |
| SBOM/component insight | Early Access scope |
| Fix Pattern Library | Early Access scope |
| Android APK scanning | Planned |
| Windows EXE/MSI scanning | Planned |
| iOS IPA scanning | Planned |
| Cloud/API readiness checks | Planned |
Pricing
Indicative Early Bird pricing for selected B2B early adopters.
PAXECT Readiness Box Core
For teams that use the PAXECT portal from an existing laptop, tablet or desktop.
PAXECT Readiness Box Standalone
Includes local display/kiosk setup for on-site status and operation without a separate screen.
Basic Productline Plan
per product line
For ongoing readiness tracking, portal access, archive access and fair-use scanning.
Scan Credits
per credit
For additional scans, firmware checks and re-checks.
Controlled Fixing
Always customer-approved, scoped, validated, rollback-aware and audit-logged.
Premium Analysis
For complex firmware, deep analysis or special compliance support.
All prices are indicative Early Bird prices and shown excluding VAT. Prices may vary by package, support level, scan volume and contract scope.
Early Bird Starter Benefit
Approved B2B Early Bird applicants may receive a personal Early Bird code for €300 in PAXECT scan credits with their first Readiness Box package.
Requests are reviewed manually. The code is not issued automatically and is subject to product fit, availability, onboarding scope and commercial agreement.
EU funding note
European programmes such as SECURE support micro, small and medium-sized enterprises working on cyber resilience and CRA preparation. The first SECURE open call listed a €5 million budget, grants of up to €30,000, and a 50% co-financing model.
PAXECT Readiness may fit into CRA-readiness improvement projects where a company needs scanning, evidence, reporting and follow-up.
Funding eligibility depends on your organisation, project scope, timing and the current programme rules.
Request Early Bird Information
This form is for B2B information requests only. It is not a public checkout or product purchase.
Use this form to request Early Bird information and check whether PAXECT Readiness fits your company, product type and CRA-readiness planning.
Approved applicants may be considered for the Early Bird Starter Benefit described in the pricing section.
Any personal Early Bird code is issued only after manual review and is not automatic or guaranteed.
PAXECT uses your information only to review your Early Bird request and contact you about PAXECT Readiness. We do not sell your data.
If the form does not load, open the Early Bird information request form in a new tab.
What happens after you apply?
After your request, we follow a simple B2B intake process.
Review
We review your company and use case.
Fit check
We check whether PAXECT Readiness fits your product type.
Next step
If there is a match, we send further Early Bird information and may invite you for a short readiness call.
Paid onboarding only starts after commercial and legal details are agreed. This keeps the Early Bird programme focused on serious B2B use cases.
FAQ
Short answers for common business questions.
Is PAXECT Readiness for consumers?
No. PAXECT Readiness is a B2B product for organisations that manufacture, import, distribute or manage connected devices in the EU market. Early Bird access is reviewed before approval. A VAT number or other business verification may be required.
When do CRA obligations start?
Reporting obligations for actively exploited vulnerabilities and severe incidents start from 11 September 2026. The main CRA obligations apply from 11 December 2027.
Does PAXECT make my product CRA compliant?
No. PAXECT does not issue legal CRA certification. PAXECT helps you build technical evidence, identify gaps, connect findings to Fix Patterns and document a controlled route toward improvement.
Do I need a security team to use PAXECT?
No. PAXECT is designed for smaller manufacturers and importers without a dedicated product-security team.
Is PAXECT Readiness difficult to use?
No. The customer does not need to install Linux, configure scanner tools or manage a complex security platform. The Readiness Box provides the local scan environment, and the portal presents findings, evidence and follow-up steps in a structured way.
Can I use a tablet, Windows laptop or iPad?
Yes, for the web portal. You can view reports and status from a normal browser on a tablet, phone or laptop. Official scanning is done through the registered PAXECT Readiness Box.
Can reports be stored locally?
PAXECT Readiness is designed around a secure cloud report archive, but local report export options are planned for customers who need offline copies for internal records or audits. Local export is intended for report storage only.
Is PAXECT only a scanner?
No. PAXECT Readiness is built around the full route: check → evidence → Fix Pattern → customer decision → controlled fixing → re-check → audit trail. The report is the evidence layer. The product does not stop there.
About PAXECT
PAXECT is a Netherlands-based startup building practical CRA-readiness infrastructure for European manufacturers and importers of connected devices.
We focus on companies that need technical evidence, verification-ready reports and a controlled improvement path, but do not have a large product-security team or months for complex enterprise tooling.
Built in the Netherlands. Focused on the EU market. Designed for B2B.
CRA-readiness should not require an enterprise security team.
Start with technical evidence, verification-ready reports and a controlled route from findings to improvement.