CRAcking Compliance - The EU Cyber Resilience Act
The Cyber Resilience Act (CRA) will be arriving in the European Union in 2027, and with it a lot of new obligations. What we already consider good practices in our software industry today will be required by law tomorrow. In this talk, we will take a look at what's inside the CRA, who will be affected by it, and what new requirements we will have to fulfil. After that, we will take a look at tooling to generate Software Bills of Materials (SBOMs) for our .NET and JavaScript projects, as well as how to visualise and integrate them into existing CI workflows. Last but not least, we will take a look at how to handle the required vulnerability management with (semi-)automated dependency updates by utilising tools like Dependabot or Renovate and how to reduce dependencies with distroless images.
About the speaker
Christian Schabetsberger
Christian Schabetsberger, the world's okayest developer, is a Freelance Software Engineer & Architect from Linz, Austria with over a decade of experience.
Having spend half of his life in the .NET ecosystem (amongst others), he likes to stay on the bleeding edge of technology to become the (tech-savvy) ninja he pretends to be since he is six.
He is also an active community member, organising the .NET Meetup in Linz and supporting other local user groups. Furthermore he is a member of the .NET Foundation.