Stay up to date with the latest developments around the Cyber Resilience Act, EU cybersecurity regulation and compliance best practices.
The European Commission has published draft guidance on the Cyber Resilience Act, covering key topics including free and open-source software, remote data processing solutions, core functionality, placing on the market of software, and risk assessment. The public consultation is open until March 31, 2026 via the Have Your Say portal.
ENISA has opened applications for an Ad-Hoc Working Group on Security Architecture Engineering and Vulnerability Management. The group will support ENISA's activities in security architecture for digital products and developing EU vulnerability management capacity. Application deadline: April 15, 2026.
The Stan4CRA project is hosting a series of webinars and deep dives on European harmonised standards under development in support of the CRA. The events cover practical implementation guidance for manufacturers, importers and distributors preparing for compliance.
Starting September 11, 2026, manufacturers must report actively exploited vulnerabilities and severe security incidents to ENISA within 24 hours. Organizations should begin preparing their incident reporting procedures now to ensure readiness.
The European Commission has released detailed guidance documents to help economic operators understand and implement CRA requirements. The guidance covers product classification, conformity assessment procedures and SBOM requirements.
The Software Bill of Materials (SBOM) is a central requirement of the CRA. This article explains what an SBOM must contain, recommended formats and tools, and how to integrate SBOM management into your development workflow.
Receive monthly updates on CRA developments, regulatory changes and compliance tips directly in your inbox. No spam — only relevant, actionable information.
Our specialists monitor all CRA-related developments and can advise you on what changes mean for your organization.