Getting started with CRA Compliance Suite takes less than 10 minutes.
This quick start guide shows you how to add CRA Compliance Suite to your WordPress development workflow and start improving your compliance score immediately.
Step 1: Create Your Account
Visit CRA Compliance Suite and sign up for a free trial account. No credit card required for the 14-day trial period.
After signup, you receive immediate access to all compliance tools including SBOM generation, vulnerability scanning, compliance checking, and automated reporting. The onboarding wizard guides you through initial setup, helping you connect your repositories and configure notification preferences.
Step 2: Connect Your Repository
Connect your GitHub, GitLab, or Bitbucket repository with a single click using OAuth authentication.
The system automatically detects your WordPress plugin structure, identifies dependency manifests, and begins initial scanning. You can connect multiple repositories if you manage a plugin portfolio.
Repository integration is read-only by default for security.
Step 3: Run Your First Compliance Scan
Click “Scan Now” to run your first comprehensive compliance check.
The scan analyzes your codebase for compliance gaps, generates your initial SBOM, checks all dependencies for known vulnerabilities, validates security documentation completeness, and assesses update mechanism security. Results appear in minutes with a compliance score, prioritized findings list, and actionable remediation guidance.
Your first scan establishes your compliance baseline.
Step 4: Address Critical Findings
Review Critical and High severity findings first.
Each finding includes a detailed explanation of the compliance issue, the specific affected components or code sections, step-by-step remediation instructions, and links to relevant documentation. Follow the guided remediation workflow, which tracks your progress as you address each finding.
Most developers address 80% of findings in their first day.
Step 5: Enable Continuous Monitoring
Turn on continuous monitoring to track compliance automatically.
Configure daily scans for new vulnerabilities, pull request checks that verify compliance before merging, and automatic SBOM regeneration when dependencies change. Set up notifications via email, Slack, or webhooks to stay informed of compliance status changes.
Continuous monitoring ensures you stay compliant as regulations and vulnerabilities evolve.
Start Your Free Trial Today
Visit CRA Compliance Suite to start your free 14-day trial and begin your WordPress plugin compliance journey in minutes.
