Who it applies to
- Software products and connected products placed on the EU market.
- Vendors that need vulnerability handling and secure development evidence.
- Cybersecurity and general software companies serving EU customers.
What you need to do
- Secure development, vulnerability handling, documentation, and incident reporting.
- Evidence that product security is monitored and maintained after release.
- Clear accountability for product cybersecurity risks.
How to use this entry
- Use this page to understand the buyer or regulatory pressure before it becomes a deadline.
- Run the regulation checker to see whether this area is likely to matter for your company now.
- If it becomes relevant, Kaamos can help you scope the gap and turn it into prioritized security work.