CRA Compliance Blog

Insights on EU Cyber Resilience Act compliance, SBOM management, and product security for manufacturers.

RSS Atom

CRA Importers

CRA Importer Obligations: What to Verify Before Placing Products on the EU Market

A practical guide to Article 19 verification requirements for EU importers. Includes checklists, workflows, and guidance for when suppliers fall short.

Jan 15, 2026 10 min read

CRA Product Classes

CRA and NIS2: Where Cybersecurity Regulations Overlap for Product Companies

Understanding how CRA and NIS2 interact. A practical guide for organizations that manufacture products and operate critical services.

Jan 15, 2026 11 min read

CRA Compliance

CRA vs UK PSTI: Compliance Guide for EU and UK Markets

Comparing the EU Cyber Resilience Act with the UK Product Security and Telecommunications Infrastructure Act. Covers differences, overlap, and dual-compliance strategies.

Jan 15, 2026 10 min read

CRA SBOM

VEX for CRA Compliance: Vulnerability Exploitability eXchange Guide

How to use VEX documents for CRA compliance. Covers VEX formats, status types, integration with SBOM, and practical examples for communicating vulnerability applicability.

Jan 14, 2026 11 min read

CRA SBOM

HBOM for CRA Compliance: Hardware Bill of Materials Guide

Understanding Hardware Bills of Materials (HBOM) for CRA compliance. Covers what to include, format options, firmware tracking, and integration with your SBOM strategy.

Jan 13, 2026 11 min read

CRA Security Standards

CRA vs ISO 27001: How Your ISMS Supports Product Security Compliance

Understanding the relationship between ISO 27001 certification and CRA compliance. Covers gaps, overlaps, and how to leverage your ISMS for product cybersecurity.

Jan 12, 2026 12 min read

EU Cyber Resilience Act compliance guide Check CRA Applicability Create Free Account