EU Cyber Resilience Act and SMEs: Every Relief Measure Available to Smaller Manufacturers
The CRA includes targeted SME relief measures — but they are unevenly distributed. Which measures apply, who benefits, and where medium-sized enterprises are left out.
kunnus-scanner Is Now Open Source: Free SBOM Generation for CRA Compliance
We've open-sourced kunnus-scanner – a free CLI tool for generating SBOMs across 30+ ecosystems in SPDX and CycloneDX formats. Get started in minutes with Homebrew, Docker, or GitHub Actions.
Cyber Resilience Act and Switzerland: What Swiss Manufacturers Need to Know for EU Exports
The EU Cyber Resilience Act applies to Swiss manufacturers exporting to the EU. Learn about your obligations, key deadlines, and how to make your products CRA-compliant.
Why Manual CRA Compliance Fails
The EU Cyber Resilience Act overwhelms manual processes. Learn why automation is the key to CRA compliance for manufacturers.
Vulnerability Management Under the CRA: Obligations, Processes, and Tools for Manufacturers
The Cyber Resilience Act makes vulnerability management mandatory. Learn what processes manufacturers must build – from detection through reporting to coordinated disclosure.
20 Products You Didn't Expect – Why the Cyber Resilience Act Could Disrupt Your Business
RFID chips, plush toys, coffee machines – the CRA affects far more than the IT industry. 20 surprising product examples and what manufacturers need to know now.
CRA Requirements for Industrial Automation: What OEMs and Machine Builders Need to Know
The Cyber Resilience Act affects PLCs, HMIs, and industrial controllers. Learn which CRA requirements apply to industrial automation and how machine builders can implement compliance.
CRA Compliance Software Compared: Why Partial Solutions Fall Short
CRA compliance requires more than SBOM tools or vulnerability scanners alone. Learn why integrated platforms like Kunnus outperform fragmented approaches – and what to look for when choosing.
CRA Conformity Assessment and CE Marking: A Step-by-Step Guide
How does the conformity assessment under the Cyber Resilience Act work? Learn which procedure applies to your product, what CE marking means, and how to create the EU declaration of conformity.
CRA Countdown: Compliance Roadmap 2026–2027
Deadlines Sept 2026 & Dec 2027: The CRA roadmap for EU manufacturers. Learn exactly what to do and when to stay compliant.
Smart Home and CRA: What Consumer Electronics Manufacturers Need to Know
Smart home devices fall under the Cyber Resilience Act. Learn which CRA requirements apply to smart locks, thermostats, cameras, and other connected household products.
Cyber Resilience Act Requirements: Complete Overview for Manufacturers
All CRA requirements at a glance – from security by design through SBOM obligations to reporting duties. The complete overview with links to detailed guidance for each requirement.
CRA Penalties for Non-Compliance: Fines, Product Recalls, and Consequences
What happens if you fail to comply with the Cyber Resilience Act? Learn about CRA fines up to 15 million euros, product recalls, and the consequences manufacturers face.
CRA vs NIS2: Differences, Overlaps, and What Manufacturers Need to Know
The Cyber Resilience Act and NIS2 Directive are two EU cybersecurity regulations with different scopes. Learn how CRA and NIS2 differ and what obligations apply to manufacturers of digital products.
Cyber Resilience Act and SaaS: What Software-as-a-Service Providers Need to Know
Does SaaS fall under the Cyber Resilience Act? Learn how the CRA affects Software-as-a-Service, where the boundaries lie, and why SaaS providers still need to take action.
CRA Compliance for Embedded Systems: Requirements, Deadlines, and Implementation
Embedded systems fall under the Cyber Resilience Act. Learn which CRA requirements apply to embedded devices, key deadlines, and how to implement compliance efficiently.
Practical Steps to CRA Compliance
From CRA awareness to action: step-by-step guide for manufacturers based on BSI TR-03183-1. Achieve CRA compliance now.
Cyber Resilience Act Scope: Which Products Are Affected?
Does your product fall under the Cyber Resilience Act? Learn exactly which products the CRA covers, which exemptions apply, and how product classification works.
The CRA Is Coming: Why OEMs Must Act Now
The Cyber Resilience Act takes effect in 2027. OEMs and equipment manufacturers must act now to avoid penalties and market exclusion.
How to Create an SBOM for IoT Products: A Practical Guide to CRA Compliance
Learn how IoT manufacturers can create a Software Bill of Materials (SBOM), choose the right format, and meet the requirements of the EU Cyber Resilience Act.
Cyber Resilience Act Summary: Key Facts at a Glance
A compact summary of the EU Cyber Resilience Act – objectives, scope, core obligations, deadlines, and penalties. With references to the original documents.
Welcome to the Kunnus Blog
Insights on cyber resilience, risk management and robust security strategies. Our blog for modern organizations and manufacturers.