cyber-resilience-act
Safeguard articles tagged "cyber-resilience-act" — guides, analysis, and best practices for software supply chain and application security.
10 articles
A Practical Guide to EU Cyber Resilience Act Compliance
The CRA's 24-hour vulnerability reporting clock starts 11 September 2026. Here's how to build the SDLC changes now instead of scrambling later.
Software Supply Chain Security for SaaS
SaaS companies are a supply chain for everyone else, which is why the EU Cyber Resilience Act, NIS2, SOC 2, and DORA now push obligations onto them. Here is how to build a program that satisfies customers and regulators alike.
EU Cyber Resilience Act FAQ: Timelines, SBOMs, and Reporting Duties
A precise FAQ on the EU Cyber Resilience Act in 2026 — what it covers, the phased 2026 and 2027 deadlines, the SBOM requirement, 24-hour vulnerability reporting, risk classes, and penalties.
What is the EU Cyber Resilience Act (CRA)? A software supply chain guide
The Cyber Resilience Act sets binding cybersecurity rules for products with digital elements sold in the EU. Here's who it covers, what it demands of software, and how to prepare before the 2027 deadline.
Cyber Resilience Act (CRA) Compliance for Software Vendors
CRA reporting duties start Sept 2026; fines reach 2.5% of global turnover. What software vendors must do for SBOMs, vulnerability reporting, and audits.
EU Cyber Resilience Act Vendor Obligations in 2026
The Cyber Resilience Act entered into force in December 2024 with a phased application schedule. The vendor obligations begin to bite in 2026 and accelerate through 2027.
EU Cyber Resilience Act Enforcement Timeline 2026
The EU Cyber Resilience Act is already biting in 2026. Here is the enforcement timeline manufacturers, integrators, and open source stewards need to internalize now.
License and Regulatory Risk in Open Source Components
Redis, HashiCorp, and Elastic all re-licensed core projects since 2021, and new rules like the EU Cyber Resilience Act now make license and SBOM gaps a regulatory problem.
EU Cyber Resilience Act: Final Text Analysis and Compliance Roadmap
The EU Cyber Resilience Act was finalized in 2024, mandating cybersecurity requirements and SBOMs for products with digital elements. Here is what the final text requires and how to prepare.
Software Transparency and the EU Cyber Resilience Act
The EU Cyber Resilience Act is rewriting the rules for software sold in Europe. Mandatory vulnerability handling, SBOM requirements, and security-by-design obligations are coming for every vendor.