This BoF will be a place to discuss technical details of making embedded products (using open source) compliant with the CRA (Cyber Resilience Act).

We can chat about: - the technical blueprints (secure defaults, hardening, logging, updates...) - processes (risk assessment, vulnerability reporting) - tools (SBOM, CVEs...)