Brussels, Belgium
24 March, 2026
26 March, 2026
Brussels, Belgium
24-26 March, 2026
Join Brightsight at the EU Cyber Acts Conference 2026, the largest independent event for cyber certification of ICT products and networks
he largest independent event for cyber certification of ICT products and networks
We are pleased to be a silver sponsor of the EU Cyber Acts Conference 2026 and share our expertise. Visit us at booth 2, where our experts will share valuable insights on how to prepare for the Cyber Resilience Act (CRA).
The EU Cyber Acts Conference brings together international developers to understand how the European Union is leading the way in setting benchmark standards for cybersecurity and resilience. EU standards and certification procedures for information technology, communications technology, data protection, and privacy in technology products and networks are mature, tested, and will provide a model for future certification frameworks around the world.
Don't miss our expert talks at the conference
Beyond the Standard Wars: a Laboratory’s Universal Approach to Product Security Evaluation
Beyond the Standard Wars: a Laboratory’s Universal Approach to Product Security Evaluation
25 March (Wednesday), 16:20
Olaf Tettero
Chief Operating Officer, Brightsight
Security evaluation laboratorires work with a wide range of evaluation standards, yet the core goal remains the same: determining whether a product is sufficiently secure and whether this can be demonstrated through analysis and testing. When developing harmonised standards for the Cyber Resilience Act (CRA), it is vital to establish how a specific product should be evaluated. This talk provides guidelines for security evaluation standards to help determine the most suitable approach for both the product and the evaluation objective.
Breaking the Evaluation Bottleneck: Practical AI Tools for Modern Security Certification
Breaking the Evaluation Bottleneck: Practical AI Tools for Modern Security Certification
25 March (Wednesday), 16:50
Sergio Casanova
Chief Technology Officer, Brightsight
The increasing complexity of security evaluations under schemes like Common Criteria, SESIP, and GSMA presents significant resource challenges for laboratories and developers. This talk explores using Artificial Intelligence to execute basic and substantial security assessments, particularly for compliance activities. Attendees will gain balanced insights into AI’s practical opportunities and limitations in security certification processes.
Augusto Velasco
Fellow CC Evaluator, Brightsight
Beyond the Download Button: Managing Open Source Risk Under CRA
Beyond the Download Button: Managing Open Source Risk Under CRA
26 March (Thursday), 13:30
The Cyber Resilience Act introduces continuous maintenance requirements throughout a product’s lifecycle, fundamentally shifting open source responsibility to manufacturers. This talk explores critical challenges such as establishing vulnerability monitoring for hundreds of components, balancing 24-hour critical response requirements against testing realities, and managing abandoned upstream projects. The talk examines practical approaches including SBOM management, automated scanning, and patch prioritization strategies.
Beyond the Standard Wars: a Laboratory’s Universal Approach to Product Security Evaluation
Beyond the Standard Wars: a Laboratory’s Universal Approach to Product Security Evaluation
25 March (Wednesday), 16:20
Olaf Tettero
Chief Operating Officer, Brightsight
Security evaluation laboratorires work with a wide range of evaluation standards, yet the core goal remains the same: determining whether a product is sufficiently secure and whether this can be demonstrated through analysis and testing. When developing harmonised standards for the Cyber Resilience Act (CRA), it is vital to establish how a specific product should be evaluated. This talk provides guidelines for security evaluation standards to help determine the most suitable approach for both the product and the evaluation objective.
Breaking the Evaluation Bottleneck: Practical AI Tools for Modern Security Certification
Breaking the Evaluation Bottleneck: Practical AI Tools for Modern Security Certification
25 March (Wednesday), 16:50
Sergio Casanova
Chief Technology Officer, Brightsight
The increasing complexity of security evaluations under schemes like Common Criteria, SESIP, and GSMA presents significant resource challenges for laboratories and developers. This talk explores using Artificial Intelligence to execute basic and substantial security assessments, particularly for compliance activities. Attendees will gain balanced insights into AI’s practical opportunities and limitations in security certification processes.
Beyond the Download Button: Managing Open Source Risk Under CRA
Beyond the Download Button: Managing Open Source Risk Under CRA
26 March (Thursday), 13:30
Augusto Velasco
Fellow CC Evaluator, Brightsight
The Cyber Resilience Act introduces continuous maintenance requirements throughout a product’s lifecycle, fundamentally shifting open source responsibility to manufacturers. This talk explores critical challenges such as establishing vulnerability monitoring for hundreds of components, balancing 24-hour critical response requirements against testing realities, and managing abandoned upstream projects. The talk examines practical approaches including SBOM management, automated scanning, and patch prioritization strategies.
