Upgrade to Pro — share decks privately, control downloads, hide ads and more …

From Compliance to Code: the Cyber Resilience A...

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Marcus Ross Marcus Ross
February 12, 2026
Technology
0
3

From Compliance to Code: the Cyber Resilience Act (CRA), SBOMs, DevTeams and YOU!

The EU Cyber Resilience Act (CRA) is reshaping how manufacturers and developers must secure their products—but what does it mean for your Developer platforms, DevOps pipelines, and DevTeams? In this session, we’ll share a real-world implementation of the Technical Guideline TR-03183 from the Federal Office of Information Security. We demonstrate how to technically address CRA mandates without drowning in compliance overhead.

We’ll start by answering: "Why should Platform teams care about the CRA?" Then we’ll dive into our stack with cdxgen, DependencyTrack, and Central Cyclone to show how we automated SBOM generation, vulnerability tracking, and compliance reporting.

Avatar for Marcus Ross

Marcus Ross

February 12, 2026
Tweet

More Decks by Marcus Ross

See All by Marcus Ross
Mythbusting Azure SQL
Avatar for Marcus Ross zahlenhelfer
0
120
Das neue Crossplattform Dreamteam - Ionic/Angular/Cordova
Avatar for Marcus Ross zahlenhelfer
0
79
RDBMS und Map/Reduce - Hadoop trifft SQL
Avatar for Marcus Ross zahlenhelfer
0
51
Hardware steuern mit Javascript
Avatar for Marcus Ross zahlenhelfer
0
44
RDBMS triff Map/Reduce
Avatar for Marcus Ross zahlenhelfer
0
54
Raspberry Pi für Entwickler
Avatar for Marcus Ross zahlenhelfer
0
70
HILFE - meine Entwickler verstehen mich nicht
Avatar for Marcus Ross zahlenhelfer
0
95
Big Data for the Rest of us
Avatar for Marcus Ross zahlenhelfer
0
50
WDC 13 - JavaScript Debugging
Avatar for Marcus Ross zahlenhelfer
0
200

Other Decks in Technology

See All in Technology
OCI技術資料 : 外部接続 VPN接続 詳細
Avatar for Oracle Cloud Infrastructure ソリューション・エンジニア ocise
1
10k
器用貧乏が強みになるまで ~「なんでもやる」が導いたエンジニアとしての現在地~
Avatar for KAKEHASHI kakehashi
PRO
5
590
社内でAWS BuilderCards体験会を立ち上げ、得られた気づき / 20260225 Masaki Okuda
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
130
Goで実現する堅牢なアーキテクチャ:DDD、gRPC-connect、そしてAI協調開発の実践
Avatar for fujidomoe fujidomoe
3
770
Intro SAGA Event Space
Avatar for midnight480 midnight480
0
160
Contract One Engineering Unit 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
14k
primeNumber DATA MANAGEMENT CAMP #2:
Avatar for 阿部 昌利 masatoshi0205
1
590
社内ワークショップで終わらせない 業務改善AIエージェント開発
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
1
380
【Developers Summit 2026】Memory Is All You Need:コンテキストの「最適化」から「継続性」へ ~RAGを進化させるメモリエンジニアリングの最前線~
Avatar for KoheiOgawa shisyu_gaku
5
780
バニラVisaギフトカードを棄てるのは結構大変
Avatar for meow meow_noisy
0
150
Claude Codeと駆け抜ける 情報収集と実践録
Avatar for sontixyou sontixyou
1
1.1k
AIエージェントで変わる開発プロセス ― レビューボトルネックからの脱却
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
2
750

Featured

See All Featured
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
55
8k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
55
3.3k
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
515
110k
Believing is Seeing
Avatar for Spiro Bolos oripsolob
1
68
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
302
51k
Done Done
Avatar for chrislema chrislema
186
16k
The Impact of AI in SEO - AI Overviews June 2024 Edition
Avatar for Aleyda Solis aleyda
5
750
How To Speak Unicorn (iThemes Webinar)
Avatar for Michelle Schulp Hunt marktimemedia
1
400
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
49
9.9k
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
280
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
40k

Transcript

  1. None
  2. None

  3. apiVersion: v1 kind: Human metadata: name: "Bjarne Rentz" namespace: Hamburg

    spec: hobbies: ['bouldern','gaming','3dprint'] job: "Site Reliability Engineer" employer: "Hamburg Port Authority" certifications: - CKAD - GPM social: github: https://github.com/bjarnerentz linkedIn: linkedin.com/in/ bjarne-valentin-rentz

  4. apiVersion: v1 kind: Human metadata: name: "Marcus Ross" namespace: "Hamburg"

    spec: hobbies: ['triathlon','movies','3dprint'] job: "CCoE Lead" employer: "Hamburg Port Authority" certifications: - Kubestronaut / Cert. Ethical Hacker - ISO-27001 cert. / ITIL-Expert - AWS-Champion / Architect social: linkedIn: linkedin.com/in/zahlenhelfer github: zahlenhelfer.github.com
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. None
  16. None
  17. None

  18. DependencyTrack Clone and analyse each configured repo Uploads SBOMs App

    1 App 2 App 3 App 4

  19. DependencyTrack 1. Observes for changes 4. Uploads created SBOM into

    the matching Project GitOps Repo App 1 - Dev: 1.0.1 App 1 - Prod: 1.0.0 App 2 - Dev: 3.21.5 App 2 - Prod: 3.21.1 2. Identifies changed version for App 2 on Prod Application Repos App 1 App 2 3. Clones App 2 with version 3.21.1
  20. None
  21. None
  22. None
  23. None
  24. None