Anticipating the Cyber Resilience Act: CNLL presents its practical guide

The Cyber Resilience Act (CRA), adopted in December 2023, imposes new security obligations on all software and software-integrated products in the EU. This regulation directly affects the Open Source sector, by requiring the provision of security attestations, the documentation of software components used, and the implementation of vulnerability management processes. To support creators, integrators and users of open source software, the CNLL has drawn up a practical guide in collaboration with inno³, offering concrete solutions to help open source players comply with the CRA. The presentation will enable participants to grasp the issues and adopt practices adapted to this new regulatory framework. This is an essential opportunity for the free software community to anticipate the challenges and opportunities linked to these new cybersecurity requirements.