Following a strong presence at FOSDEM and our second Code & Compliance event, conversations around the Cyber Resilience Act (CRA) continue to mature — shifting from awareness to practical implementation. The sessions and workshops helped advance key ORC deliverables, including the voluntary security attestations project and ongoing work around due diligence. As momentum builds around these critical initiatives, we encourage you to follow orcwg.org/blog for the latest updates and opportunities to get involved.
Timo Perala and Dirk-Willem van Gulik
ORC co-chairs
What’s New
- Open Community for Compliance at OCX 2026
The Open Community for Compliance program is shaping up to be a must-attend event, featuring sessions like Beyond Compliance: What the Cyber Resilience Act Means for Software Trust and Generating an SBOM Is Not Enough for Java Teams. If you’re navigating CRA readiness or responsible open source practices, this is where the conversation is happening. Register now to secure your spot in Brussels, April 21–23. - Code & Compliance – FOSDEM Edition Recordings Available
Catch up on the full playlist from our latest Code & Compliance, featuring expert discussions on open source, compliance realities, and CRA readiness. - Eclipse Foundation and ECSO Formalise Cooperation
The Eclipse Foundation and the European Cyber Security Organisation (ECSO) have signed a Memorandum of Understanding to strengthen collaboration around cybersecurity, standards, and regulatory readiness — reinforcing our shared commitment to a secure and resilient digital ecosystem. Learn more
Blog you might have missed
Overheard
Upcoming Events
Recent Talks & Events
How to Participate
