Compliance
CRA Supplier Due Diligence: Questionnaire & Red Flags
Operational CRA supplier diligence: ready-to-use questionnaire, FOSS / cloud / hardware playbooks, red flags, escalation flow, contract clauses.
Cyber Resilience Act Blog
Analysis and practical guidance on the EU Cyber Resilience Act. Regulation explainers, SBOM tooling, vulnerability workflows, and ENISA reporting, written for manufacturers, importers, and distributors.
Compliance
Multi-Role CRA: Manufacturer, Importer, Distributor
CRA playbook for companies that manufacture, import and distribute: role mapping, obligation stacking, vulnerability routing, penalties and conflict points.
Vulnerability Management
Setting Up security.txt for CRA Compliance: A 10-Minute Guide
A quick, practical guide to implementing security.txt for your products. Includes templates, hosting options, and common mistakes to avoid.
Compliance
Generate an SBOM for CRA: Tools, Formats, CI/CD
A hands-on guide to generating Software Bills of Materials for CRA compliance. Covers open-source tools, format selection, and automated pipeline integration.
Compliance
CRA White-Label & OEM Products: A Manufacturer's Guide
CRA obligations for white-label, OEM and private-label products: rebrand bridge, OEM cessation, SBOM provenance, support-period mirror, contract clauses.
Compliance
CRA Distributor Checklist: 5 Verification Steps for Every Product
An operational CRA distributor companion: receiving checklist, quick-reference card, real scenarios, and the acts that turn a distributor into a manufacturer.
Stay in the loop
Get notified when we publish new articles about CRA compliance and product security.