CRA

Taking Stock of the State of European Cyber Resilience Act (CRA) Compliance: An Urgent Wake-up Call for the Open Source Ecosystem

Blog EU Cyber Resilience Act Global Cyber Policy Compliance CRA Cybersecurity Regulation Open Source Security Software Supply Chain

First Steps Towards Cyber Resilience Act Conformity: Biking the CRA with Balena at FOSDEM 2026

Recently, I spoke at the Free and Open Source Developers' European Meeting (FOSDEM) 2026 on “First steps towards Cyber Resilience Act (CRA) conformity: A practical introduction to cybersecurity risk management.”

Blog EU Cyber Resilience Act Global Cyber Policy Guest Blog Community CRA Cyber Resilience Act FOSDEM OpenSSF

Case Study: Defending the Open Source Supply Chain in a New Regulatory Era

Blog Case Studies EU Cyber Resilience Act Compliance CRA Open Source Security Red Hat Supply Chain Integrity

EU Cyber Resilience Act (CRA) in Practice @ FOSDEM 2026: From Awareness to Action

Over the past few years, the free and open source (FOSS) community has engaged deeply with the CRA, highlighting its significance and potential impact.

Blog EU Cyber Resilience Act Guest Blog CRA Cyber Resilience Act (CRA) FOSDEM OpenSSF Public Policy

OpenSSF at FOSDEM 2026: From Policy to Practical Security

FOSDEM is one of Europe’s most important gatherings for open source communities, and OpenSSF will participate again in 2026. The event brings together developers, maintainers, researchers, and industry contributors for two days of technical talks, hallway discussions, and collaboration.

Blog Community CRA Europe FOSDEM LF Europe OpenSSF OSSSecurity

Preserving Open Source Sustainability While Advancing Cybersecurity Compliance

The Cyber Resilience Act (CRA) represents a significant evolution in the European Union’s approach to product cybersecurity and software supply chain risk. Article 25 explicitly recognizes the unique role of free and open source software (FOSS) and seeks to facilitate compliance for manufacturers by enabling voluntary security attestation programmes for FOSS.

Blog EU Cyber Resilience Act Global Cyber Policy Community CRA Cyber Resilience Act Cybersecurity

OpenSSF’s 2026 Themes: A Community Roadmap for Securing the Future of Open Source

Each year, the Open Source Security Foundation (OpenSSF) focuses its content and engagement on the security topics that matter most to the open source community. In 2026, we are organizing content around quarterly themes that reflect community priorities, global policy developments, and real-world security needs.

Blog Community community events Content themes CRA Events Linux Foundation Open Source Security

Recap: Open Source Security Week in Belgium – Highlights from Ghent to Brussels

At the end of October 2025, the Linux Foundation Europe, OpenSSF, and CEPS brought together developers, maintainers, policymakers, and industry leaders for conversations on open source, security, and Europe’s digital future. Through keynotes, workshops, and policy-focused sessions, the week created much-needed clarity around the Cyber Resilience Act (CRA) and, more broadly, the EU cybersecurity policy,…

Blog Communiy CRA Cybersecurity EU Events Linux Foundation OpenSSF Security

What’s in the SOSS? Podcast #40 – S2E17 From Manager to Open Source Security Pioneer: Kate Stewart’s Journey Through SBOM, Safety, and the Zephyr Project

Podcast Best Practices CRA Elisa Podcast Software Bill of Materials (SBOM) Zephyr

From Ghent to Brussels: OpenSSF’s Week of Policy and Security in Europe

At the end of October, the Linux Foundation, the Linux Foundation Europe and OpenSSF will gather leaders across industry, government, and open source communities for three impactful events in Belgium. Together, these back-to-back gatherings will advance collaboration, shape policy, and highlight the critical role of open source in Europe’s digital future.

Blog EU Cyber Resilience Act Global Cyber Policy CRA Cybersecurity EU Events OpenSSF Community Public Policy