gvip-project.orgOWASP SAMM is an important part of measuring the change while implementing the EU Cyber Resilience Act. Register today for the Nordic Software Security Summit in Stockholm April 9 to learn more!
https://nsss.se
anchoreThe EU CRA isn't just policy; it's an economic reality check. π
Kate Stewart discusses how steep penalties are finally forcing positive changes in industry hygiene. Transparency is no longer optional. It's the price of admission.
Nordic Software Security SummiAre you ready for the EU Cyber Resilience Act? If not, see the Nordic Software Security Summit as your academy - three days with a CRA focus, from the training day, the NSSS conference and the SBOM Focus event that is all about the Software Bill of Materials - the heart of the CRA due diligence and vulnerability management process.
Register today at https://nsss.se!
If you are a manufacturer of products with any form of network connection, you're likely going to be affected by the EU Cyber Resilience Act. It's time to get ready. Learn all about the CRA at the Nordic Software Security Summit Spring '26 in Stockholm, Sweden April 8-10.
Register today at https://nsss.se
#CRA #EUCRA #NIS2 #CYBERSECURITY #OT #IOT #mobileappsecurity
Proudly introducing our speaker Dr Allan Friedman! Allan will talk in the SBOM Focus conference on Friday April 10th. Registration is now open at https://nsss.se
OejBack from #FOSDEM and working on the new European SBOM conference in Stockholm April 10th. Send me your ideas for talks!
jpmellojrThe EU Cyber Resilience Act changing game for software transparency. Say goodbye to voluntary best practicesβmandatory SBOMs are becoming a legal condition for market access.
https://jpmellojr.blogspot.com/2026/01/new-regulations-are-elevating-software.html #SBOM #EUCRA #SupplyChainSecurity #CyberSecurity
https://jpmellojr.blogspot.com/2026/01/new-regulations-are-elevating-software.html #SBOM #EUCRA #SupplyChainSecurity #CyberSecurity
Everyone that manages security reports for Open Source projects have been getting a higher workload because of AI. Both real reports and just slop - reports including vulnerabilities in code that doesn't exist. For some, this is becoming a denial of service attack, with developers having to spend valuable, and in some cases unpaid, time to sort out what's real and may be a vulnerability.
Jarek Potiuk, member of The Apache Software Foundation will talk about this on the GVIP Summit Wednesday Jan 28th in Brussels. We still have a few seats available - but hurry up to register!
Peter N. M. HansteenAgain for the evening (CET) crowd:
The recording from NYC*BUG (Properly pronounced "Nice Bug") Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: https://youtu.be/HOCsvcCm1Ec
Peertube: https://toobnix.org/w/bQPtKXKqJMdeYDbzhrrkEa
#bookofpf #OpenBSD #freebsd #packetfilter #EUCRA #CRA #SBOMS #dependency #supplychain #security @nostarch
NYC*BUG Jan 2026: Upcoming 4th edition of The Book of PF, CRA and more, Peter Hansteen
AppSec Villageπ Understanding the EU Cyber Resilience Act: A Practical Guide
The latest ebook from Finite State breaks down:
β
What the EU CRA means for your business
β
Key compliance steps to stay ahead
β
How to turn regulatory challenges into competitive advantages
Download now: https://hubs.ly/Q03rr13c0
#IoTSecurity #EUCRA
We π sharing valuable information like this with our community!
