Webinar | From SBOM to Submission: Operationalizing CRA Vulnerability Handling
Data Breach TodayArchived Jun 18, 2026✓ Full text saved
Full text archived locally
✦ AI Summary· Claude Sonnet
Governance & Risk Management , Software Bill of Materials (SBOM) , Standards, Regulations & Compliance
Webinar | From SBOM to Submission: Operationalizing CRA Vulnerability Handling
Presented by Finite State 60 mins
Credit Eligible
The EU Cyber Resilience Act (CRA) reporting requirements take effect on September 11, 2026, and connected-device manufacturers need more than a vulnerability scan to be ready. CRA requires a documented, risk-based vulnerability handling process that can demonstrate how security decisions were made, prioritized, and maintained throughout the product support lifecycle.
Join Finite State for a practical webinar on the steps organizations should take now to prepare. Learn how to build a defensible vulnerability management workflow using binary-derived SBOMs, exploit intelligence such as EPSS and CISA KEV, reachability analysis, and VEX documentation. We'll show how to prioritize real risk, reduce vulnerability noise, and create the evidence needed to support Annex VII documentation.
Attendees will leave with a clear understanding of what CRA expects, how to operationalize vulnerability handling, and how to maintain audit-ready evidence that supports ongoing compliance efforts and readiness for Article 14 incident reporting obligations.