Mike Vizard talks with Christopher Robinson of OpenSSF about the EU Cyber Resilience Act and why many software organizations are still unprepared for upcoming compliance obligations. Robinson explains how the CRA affects manufacturers selling products with digital elements into the European Union, including vulnerability reporting, cybersecurity requirements, documentation and potential financial penalties. The conversation also explores why organizations need to reduce software risk, understand dependencies, improve security practices and use business-focused risk language to gain executive support.