Hello everyone,
this is my very first post here and I’m very new to Mender, I hope I don’t write stupid things 
I am evaluating if Mender can fit my business, and I’m looking forward the CRA requirements in EU, especially the service of CVE monitoring.
What I understand reading the documentation online, is that Mender team performs CVE continuous monitoring for “its own” server side environment, but not for the “client side” part. In example: if I have my project to update, based on yocto, and I register for Enterprise account and share to Mender team the software bill of material (sBOM), will Mender team perform for us the CVE monitoring of all sw components enlisted? Or it’s a service not offered by Mender at all?
Thanks in advance for taking the time to clarify my doubt.
Andrea Pedica