Preparing for the EU Cyber Resilience Act (CRA) (opens in new tab)

TL;DR   Raising the baseline for product security  Product security has matured significantly over the last decade. Secure defaults, defined ownership of security risk, reliable update mechanisms, and structured vulnerability handling are now mainstream and well understood by experienced engineering and security teams. These practices are no longer aspirational. They are now the minimum required to build and operate digital products responsibly.   The new EU Cyber Resilience Act (CRA) formali...