Compliance
CRA Compliance for Startups: A Lean, Practical Guide
How resource-constrained startups can reach CRA compliance: prioritisation, lean approaches, funding options, and building security in from day one.
Cyber Resilience Act Blog
Analysis and practical guidance on the EU Cyber Resilience Act. Regulation explainers, SBOM tooling, vulnerability workflows, and ENISA reporting, written for manufacturers, importers, and distributors.
Country & Market Guides
CRA vs UK PSTI: Compliance Guide for EU and UK Markets
Comparing the EU Cyber Resilience Act with the UK PSTI Act: key differences, where they overlap, and dual-compliance strategies for both markets.
Compliance
CRA and NIS2: Where the Two Regulations Overlap
Understanding how CRA and NIS2 interact. A practical guide for organizations that manufacture products and operate critical services.
Vulnerability Management
VEX for CRA: Vulnerability Exploitability eXchange Guide
How to use VEX (Vulnerability Exploitability eXchange) for CRA compliance: formats, status types, SBOM integration, and practical examples.
Vulnerability Management
CRA vs ISO 27001: The Compliance Gaps Your ISMS Won't Cover
Does ISO 27001 cover the Cyber Resilience Act? Not fully. Maps the exact gaps, what your ISMS transfers, and what you still need before the 2027 deadline.
Compliance
CRA for Automotive Suppliers: UN R155/R156 and Aftermarket
How the CRA applies to automotive suppliers and aftermarket parts: the vehicle type-approval exemption, ISO/SAE 21434 alignment, and which components need CRA.
Stay in the loop
Get notified when we publish new articles about CRA compliance and product security.