Cyber risk today is mostly documented in spreadsheets, PDFs, and slide decks formats that are hard to version, automate, or integrate with tooling.

CRML (Cyber Risk Modeling Language) aims to represent cyber risk as structured, machine-readable models instead of documents. This allows risk scenarios to be version-controlled, generated by tools, and executed through simulations.