The EU Cyber Resilience Act (but also the US president’s Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity) defines a number of best practices and regulatory framework which also applies to software, like cyber security rules and standards, and making sBoM mandatory.
The EU CRA aims to set the conditions for the development of secure software in the EU, in order to strengthen the EU approach to cybersecurity and improve the functioning of both internal and global markets. It also empowers users to take cybersecurity into account when buying and using such products by ensuring that adequate information is made available to them.
This session covers an analysis of the Act, what it means for the SDLC and especially for DevSecOps processes, with examples for implementations, and the agendaa for the enforement of tha Act (and we all have to be ready sooner than you think)

The EU Cyber Resilience Act (but also the US president’s Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity) defines a number of best practices and regulatory framework which also applies to software, like cyber security rules and standards, and making sBoM mandatory.
This session covers an analysis of the Act, what it means for the SDLC and especially for DevSecOps processes, with examples for implementations, and the agendaa for the enforement of tha Act (and we all have to be ready sooner than you think)
First public delivery: DevOpsCon London (devopscon.io), Maay 13th, 2026