Free assessment · 3 minutes

Assess your exposure.

Two short questionnaires. You get a score, three risk areas, and a free 20-min debrief if you want to go further.

  • Free, no strings
  • No account needed
  • Email only used to send the result
Product compliance

Cyber Resilience Act

12 questions on your CRA readiness. Deadline: September 11, 2026.

  • 12 questions · A/B/C
  • 3 themes · score out of 24
  • For CTOs, CISOs, heads of product
Start the CRA assessment AI Security

AI Security

10 questions on the security of your production AI systems. Before the incident happens.

  • 10 questions · A/B/C
  • 3 themes · score out of 20
  • For AI teams, MLOps, security
Start the AI Security assessment

How it works

3 minutes per assessment

Single-choice A/B/C per question. No trap, no free text to fill.

Get your score immediately

Global score, level per theme, and an honest read of your exposure.

Free 20-min debrief

If you want to go further, we take 20 minutes to turn the score into an action plan.

Frequently asked questions

How long does the assessment take?

About 3 minutes per assessment. CRA has 12 questions, AI Security has 10. A/B/C format, one answer per question, no free text to fill.

Is the assessment really free?

Yes, no strings attached. No account to create, no subscription, no freemium trap. Your email is used to display the result. The 20-min debrief is also free if you request it.

Who is behind WeeSec?

Aroua Biri, PhD in cybersecurity (Télécom SudParis), MIT Applied AI certified. 15+ years of experience with BNP Paribas, Société Générale, Thales, AXA, EDF, L'Oréal, and 80+ CTOs supported on product and AI security.

What is my email used for?

Your email is stored to link your score to your identity when you request a debrief. No third-party resale. GDPR-compliant with explicit consent and accessible privacy policy.

Is the result reliable?

The assessment captures a posture, not a substitute for a formal audit. Questions are calibrated against regulatory requirements (CRA Annex I, AI Act Articles 9-15) and security best practices (OWASP LLM Top 10, NIST AI RMF). The score reflects your declared situation honestly.

What is the difference between the CRA and AI Security assessment?

CRA assesses your product compliance (SBOM, vulnerability management, CE-Cyber marking, security updates). AI Security assesses operational AI systems security (prompt injection, supply chain, monitoring, governance, AI Act). You can take both.

What happens after?

You see your score immediately on screen. You can book a 20-minute debrief via Calendly to turn the score into a concrete action plan. No unsolicited follow-up unless you initiate it.