The EU Cyber Resilience Act (CRA) is reshaping how manufacturers and developers must secure their products—but what does it mean for your Developer platforms, DevOps pipelines, and DevTeams? In this session, we’ll share a real-world implementation of the Technical Guideline TR-03183 from the Federal Office of Information Security. I will demonstrate how to technically address CRA mandates without drowning in compliance overhead.

You will leave with
✅ Understand the CRA’s impact on your Dev-Teams (and why ignoring it isn’t an option).
✅ See a production-ready workflow for SBOMs, vulnerability management, and compliance automation.
✅ actionable insights on integrating CRA requirements with SBOM handling into your CI/CD pipelines.
✅ A clear "why this matters" for your org, and lessons from the trenches of securing critical infrastructure with Kubernetes.
✅ Get a checklist for team adoption—because compliance is a cultural challenge, not just a technical one.