CRA Compliance Checklist for Game Developers
This checklist translates the Cyber Resilience Act (CRA) into actionable items for game development.
CRA Compliance Checklist for App & Software Developers
This checklist breaks down the Cyber Resilience Act (CRA) into practical steps for developers of general applications and software.
Quick Guide to CE Marking Your Software
The CE marking is the final visual step in your Cyber Resilience Act (CRA) compliance journey, signaling that your app, game, or software meets EU requirements. Here's how to get it done.
Secure Software Development Lifecycle (SSDLC) and the CRA
The Cyber Resilience Act (CRA) doesn't explicitly use the term "Secure Software Development Lifecycle" or SSDLC. However, its requirements effectively mandate that you adopt one for your app, game, or software. An SSDLC is a process that builds security into every stage of development, from concept to sunset.
SBOM Generation and Management Tools for Software Devs
The Cyber Resilience Act (CRA) requires you to create a Software Bill of Materials (SBOM) for your app or game (Annex I, Part II, point 1). Manually creating and managing an SBOM for any modern software project is impractical and error-prone. The right tools are essential.
Setting Up a CVD Policy: Template for Software Projects
The Cyber Resilience Act (CRA) requires you to have a Coordinated Vulnerability Disclosure (CVD) policy (Annex I, Part II, point 5). This policy tells security researchers how to report vulnerabilities to you responsibly. Here is a basic, adaptable template to get you started.
How to Handle an "Actively Exploited" Vulnerability Report for Your Software
Receiving a report that a vulnerability in your app or game is being actively exploited in the wild is one of the most serious situations you can face under the Cyber Resilience Act (CRA). You need a clear plan of action.
Communicating "End of Support" for Your Software Product
Under the Cyber Resilience Act (CRA), you must define a "support period" for your app, game, or software, during which you provide security updates. Just as important is clearly communicating when that support will end.
CRA for Solo Devs and Micro Software Businesses: Key Priorities
If you're a solo developer or running a micro-business (fewer than 10 employees), the Cyber Resilience Act (CRA) can seem daunting. While you are still required to comply, focusing on the most critical, high-impact requirements can make the process manageable.