102 Pro

Cyber Resilience Act — Pro · Vulnerability handling and CE conformity

Practical implementation of the CRA: secure development, SBOM, vulnerability handling, reporting and technical documentation for CE conformity.

The CRA requires manufacturers, importers and distributors to build security into products with digital elements. This track covers secure design and development, the software bill of materials (SBOM), risk assessment, vulnerability handling and reporting, and the technical documentation that supports the declaration of conformity and CE marking.

Content

Scope, classes and roles

What the CRA covers, the timeline, product classes and who is responsible.

The CRA in practice: scope and timeline
10 min
Product classes and the conformity route
10 min
Roles: manufacturer, importer, distributor
10 min
Quiz: Kravbilde og roller
5 min

Security requirements and vulnerability handling

Secure-by-design, vulnerability handling throughout the support period, and the SBOM.

Security across the lifecycle (secure-by-design)
10 min
Vulnerability handling and coordinated disclosure
10 min
SBOM and a secure update mechanism
10 min
Quiz: Kontroller og arbeidsflyt
5 min

Conformity, CE marking and reporting

Conformity assessment, CE marking, reporting deadlines and market surveillance.

Conformity assessment and CE marking
10 min
Reporting vulnerabilities and incidents (24h/72h/14d)
10 min
Technical documentation, market surveillance and sanctions
10 min
Quiz: Dokumentasjon og rapportering
5 min

Duration: 55 min
Difficulty
Modules: 3
Lessons: 12
Certificate: Silver

Have an account? Log in