In January, the EU published the final version of the Cyber Resilience Act (CRA). While this won't come into force until late 2026, there are still actions you can take.
The good news is most of what's required is already part of a mature modern AppSec programme.
In this session we’ll cover some of what DevSecOps and product security teams should be planning for to address CRA, with lessons drawn from efforts present in highly regulated spaces in other jurisdictions.