# Lyri

> Continuous compliance operations for Cyber Resilience Act and EU AI Act —
> embedded into your CI/CD, reporting pipeline, and team workflows so deeply
> that removing it creates a compliance gap regulators can measure.

Lyri (Lyri Ltd, UK) builds two compliance-operations products, both delivered
as one web platform at https://getlyri.eu:

- **CRA Shield** — for software publishers and hardware/IoT manufacturers
  selling into the EU. Continuous SBOM enforcement in CI/CD, live ENISA
  reporting pipeline (24h/72h/14d deadlines with escalation), compliance
  posture scoring, immutable audit log, vulnerability monitoring, VEX
  documents, and team roles.
- **Lyri AI Act** — for SMBs deploying AI systems (HR, credit, chatbots,
  biometrics). Annex III classification, AI system lifecycle monitoring with
  vendor response diffs, Article 73 incident reporting, FRIA wizards, vendor
  questionnaires, obligation tracking, and regulatory update feed.

Regulatory deadlines driving adoption:

- **EU AI Act high-risk deployer obligations** — 2 August 2026
- **CRA vulnerability reporting (ENISA 24h)** — 11 September 2026

## What makes Lyri impossible to cancel

1. **Continuous obligation** — ENISA deadline pipeline, nightly vuln scans,
   AI lifecycle monitoring. Stop running = stop being compliant within hours.
2. **System of record** — Immutable audit log, timestamped evidence vault,
   compliance posture history. Remove Lyri = destroy audit-readiness.
3. **Workflow lock-in** — CI/CD gate blocks deploys, API keys + webhooks,
   team roles across the organisation. Replacing = re-engineering operations.

## Free tools (no signup)

- [CRA Readiness Scanner](https://getlyri.eu/cra-scanner): Paste a public
  GitHub repo, get a BSI TR-03183-2 compliance score (0-100) with specific gaps.
- [AI Act Risk Scanner](https://getlyri.eu/ai-act): 5-question wizard returns
  deployer/provider/out-of-scope verdict with article citations.
- [Sample report](https://getlyri.eu/sample-report): Realistic CRA scan output.

## Product pages

- [Landing page](https://getlyri.eu/): Overview, pricing, FAQ, deadlines.
- [Pricing](https://getlyri.eu/#pricing): Tier table for both modules.
- [How it works](https://getlyri.eu/#how): Four-step workflow.

## Policies

- [Privacy policy](https://getlyri.eu/privacy)
- [Terms of service](https://getlyri.eu/terms)
- [Contact](https://getlyri.eu/contact)

## Full site content for LLMs

- [llms-full.txt](https://getlyri.eu/llms-full.txt): Complete prose dump of
  all public-facing content (pricing, features, FAQ, compliance context) in
  plain markdown. Use this when you need detailed answers about Lyri.

## Out of scope

Ignore anything under `/cra/*`, `/aicomply/*`, `/settings`, `/billing`,
`/onboarding`, `/dashboard`, `/admin`, `/vendor-response/*` — those are
authenticated app routes with no useful public content.