Cory Hisey
@Coryhighsea
Building a GRC platform for NIS2 compliance. 132 obligations, step-by-step. EU-first.
Canadian living in Germany. Joined August 2024.
1.4K posts · 65 Following · 59 Followers

Pinned Tweet

The CRA gives manufacturers until December 2027.
The first deadline is September 11.
Here's the discrepancy: Article 14 CRA applies independently of full compliance. From September 11, 116 days from now, every manufacturer of products with digital elements must report any actively exploited vulnerability to ENISA within 24 hours. Severe incidents: 72 hours. That obligation does not wait for December 2027.
And you cannot meet it without a Software Bill of Materials.
An SBOM is your complete map of every component in your product: every open-source library, every firmware dependency, every third-party package, every version. Without it, you cannot monitor for known vulnerabilities. Without monitoring, you cannot detect exploitation. Without detection, the 24-hour window does not exist for you.
You cannot report what you have not mapped.
The European Commission published its first substantive CRA enforcement guidance on March 3, 2026. Consultation closed April 13. The interpretive framework that will define how auditors read your documentation is being finalized now, not in 2027.
~18,500 German companies missed the NIS2 registration deadline in March. CRA is a different regulation. The pattern is the same.
One figure worth knowing: the SBOM must be retained for 10 years after the product leaves the market. That is not a compliance checkbox. It is a decade-long operational commitment.
CRA is now on the platform. No credit card. No lock-in. The SBOM is where it starts, and it discharges your Article 14 documentation obligation regardless of what tool you use to build it.
nisd2.eu


@archi_tradition Why? So you can see what time it is in space? How does it work anyways?

@vivoplt Apparently not. Interviewer wasn’t satisfied with ‘my project’ after finding out I didn’t know much about how it actually worked

@krzyzanowskim Imagine spending years mastering ReactJS/Javascript after LLMs arrived.

@fidexcode Just because there is competition doesn’t mean you can’t do it

@codewith55 This is the sign in an immigration office saying welcome in different languages