Fig. 06 / Frequently asked questions

FAQ

What is the Cyber Resilience Act (CRA) and does it affect me?

The Cyber Resilience Act (EU Regulation 2024/2847) applies to any product with digital elements placed on the EU market: apps, downloadable software, firmware, connected devices. From 11 September 2026, actively exploited vulnerabilities must be reported within 24 hours, and from 11 December 2027 you need CE marking, technical documentation and an SBOM. We get you ready for all of it: conformity gap analysis, SBOM, vulnerability policy and the reporting procedure.

Is my company in scope for NIS2 (OUG 155/2024)?

NIS2, transposed in Romania as OUG 155/2024, covers essential and important entities in sectors such as energy, health, transport, water, public administration and digital infrastructure. Even if your company is not directly in scope, if you supply such an entity it will ask you for security evidence. We assess and prepare that evidence.

Do you perform a DNSC-attested cybersecurity audit?

No. The regulated audit under OUG 155/2024 may only be performed by DNSC-attested auditors. COXSWAIN provides commercial security assessments, penetration testing and audit readiness. If you need the attested audit, we tell you directly and point you to an auditor on the DNSC list.

Do you use AI to write code?

Yes, openly: AI agents write most of the code, and a senior engineer designs the architecture and reviews every line before delivery. You get AI speed without AI risk.

Do you offer AI development for businesses?

Yes: AI application development, chatbots, AI agent automation and LLM integration into existing products. All with evals, guardrails and costs under control.

Why not just use ChatGPT to build my app myself?

For a prototype, it genuinely works. For production you need security, scaling, correct data and someone who answers when it goes down. We often repair AI-only builds; sometimes it's cheaper to build it right from the start.

What services does COXSWAIN offer?

AI-accelerated software development, security and SecOps, audit and rescue of AI-generated code, legacy system modernization, backend and APIs, DevOps and Cloud, AI product integration and ongoing maintenance.

Where is COXSWAIN located?

In Bucharest, Romania, working with clients worldwide.

How fast will I get a reply?

Usually within 24 hours on business days. Write to [email protected] with a short description of your project.