enisa
Safeguard articles tagged "enisa" — guides, analysis, and best practices for software supply chain and application security.
6 articles
CRA Article 14: 24-Hour Early Warning and 72-Hour Reporting Explained
Article 14 of the Cyber Resilience Act mandates dual notifications to coordinating CSIRTs and ENISA within 24 hours of awareness. Reporting starts 11 September 2026.
ENISA's CRA Single Reporting Platform Goes Live September 2026
From 11 September 2026, every CRA manufacturer must file a 24-hour early warning of actively exploited vulnerabilities through one ENISA-operated portal — and the platform is being built right now.
ENISA Threat Landscape 2025: Supply Chain Section Decoded
ENISA's October 2025 report analysed 4,875 incidents from July 2024 to June 2025 and found phishing led at 60% of intrusions, with supply chain and slopsquatting as fast-growing vectors.
EUCC: First Certificates Issued Six Weeks After Scheme Launch
ANSSI issued the first two EUCC certificates in April 2025, just six weeks after the European Common Criteria-based cybersecurity certification scheme entered into force on 27 February 2025.
EU Cybersecurity Reserve: Trusted Providers Under the Cyber Solidarity Act
The EU Cybersecurity Reserve under Regulation (EU) 2025/38 mobilises trusted private incident-response providers to support Member States facing significant cyber incidents.
EU Cyber Solidarity Act: Regulation 2025/38 in Force
Regulation (EU) 2025/38 entered into force on 4 February 2025, establishing an EU Cybersecurity Reserve, alert system of cross-border hubs, and ENISA-led incident review mechanism.