Cutting Through the Fog: Clarifying CRA Compliance in Cloud Native

This keynote presentation explores the implications of the European Union's Cyber Resilience Act (CRA) for cloud native technologies and open source projects. Join Eddie Knight, OSPO Lead at Sonatype, and Michael Lieberman, CTO of Kusari, as they demystify CRA compliance with a light-hearted approach. As leaders of CNCF's Technical Advisory Group for Security and maintainers of the OpenSSF Security Baseline, the speakers provide valuable insights on navigating regulatory requirements without compromising innovation. Learn how cloud technology, open source projects, and end users can benefit from the CRA while avoiding potential legal pitfalls. Discover practical strategies for software creators to ensure compliance and leverage the regulatory framework as an opportunity rather than an obstacle in the cloud native ecosystem.