With the final release of the European Union’s Cyber Resilience Act, it would be fair to have concern about its implications to both the software you create and the resources you depend on. Much like London’s notorious fog, the hype and fear around the CRA have obscured the path our community is on.

In their role as leaders of CNCF’s Technical Advisory Group for Security and as maintainers of the OpenSSF Security Baseline, speakers Eddie Knight and Michael Lieberman are uniquely equipped to shed light on both the benefits and complexities of CRA.

This talk will be a light-hearted exploration of how cloud technology, open source projects, and end users can all benefit from the CRA— and how software creators can avoid falling on the wrong side of the law.