Vulnerability Management
ENISA's Secure by Design Playbook: A CRA Guide
ENISA's Security by Design and Default Playbook (v0.4, 2026) turns CRA rules into 22 practical checklists for SMEs: principles, lifecycle and CRA mapping.
Cyber Resilience Act Blog
Analysis and practical guidance on the EU Cyber Resilience Act. Regulation explainers, SBOM tooling, vulnerability workflows, and ENISA reporting, written for manufacturers, importers, and distributors.
Vulnerability Management
Setting Up security.txt for CRA Compliance: A 10-Minute Guide
A quick, practical guide to implementing security.txt for your products. Includes templates, hosting options, and common mistakes to avoid.
Vulnerability Management
VEX for CRA: Vulnerability Exploitability eXchange Guide
How to use VEX (Vulnerability Exploitability eXchange) for CRA compliance: formats, status types, SBOM integration, and practical examples.
Vulnerability Management
CRA vs ISO 27001: The Compliance Gaps Your ISMS Won't Cover
Does ISO 27001 cover the Cyber Resilience Act? Not fully. Maps the exact gaps, what your ISMS transfers, and what you still need before the 2027 deadline.
Stay in the loop
Get notified when we publish new articles about CRA compliance and product security.