Blog
The Finite State Blog

Practical insights and articles from our SMEs to help product security teams cut triage noise, fix what matters faster, and deliver audit-ready proof to customers and regulators.

69 results

A Unified Path to CRA Compliance: Breaking Silos, Matching Risk
Compliance & Regulations

A Unified Path to CRA Compliance: Why Teams Need to Break Silos and Match Velocity

Learn how unified risk assessment and reachability help teams break silos, reduce CRA reporting effort, and focus on real, exploitable risk.

Dario Lobozzo
Dario LobozzoJANUARY 27, 2026
Mistakes to Avoid in Your CRA Readiness Strategy
Compliance & Regulations

Mistakes to Avoid in Your CRA Readiness Strategy

Learn the most common EU CRA readiness mistakes product security teams make and how to build a repeatable, scalable compliance strategy that works.

Dario Lobozzo
Dario LobozzoDECEMBER 11, 2025
How to Improve CRA Readiness Starting Tomorrow
Compliance & Regulations

Low-Hanging Fruit: How to Improve CRA Readiness Starting Tomorrow

Explore simple, high-impact steps product manufacturers can take today to reduce risk and begin meeting EU Cyber Resilience Act requirements.

Dario Lobozzo
Dario LobozzoDECEMBER 11, 2025
How Multi-Modal Scanning Simplifies CRA Compliance
Compliance & Regulations

How Multi-Modal Scanning Simplifies CRA Compliance

Learn how combining binary analysis, source code scanning, and SBOM ingestion enables full-spectrum vulnerability visibility for EU CRA compliance.

Dario Lobozzo
Dario LobozzoDECEMBER 11, 2025
Simplifying CRA & FDA 524B Compliance with Unified Risk
Compliance & Regulations

How a Unified Risk View Simplifies Compliance with EU CRA, FDA 524B, and Beyond

From CRA to FDA 524B, regulators expect traceability and continuous security. Learn how unified risk data reduces compliance overhead & boosts confide...

Mike Hatherall
Mike HatherallNOVEMBER 24, 2025
Why Living SBOMs Are Key to Compliance Readiness
Compliance & RegulationsSBOM Management

From Static to Strategic: Why Living SBOMs Are Key to Compliance Readiness

Regulations like the EU CRA demand ongoing visibility, not one-time SBOM exports. Discover how living SBOMs support audits, evidence, and continuous c...

Mike Hatherall
Mike HatherallNOVEMBER 18, 2025
Korea Introduces Mandatory SBOM Submissions: What It Means for Product Security
Compliance & Regulations

Korea Introduces Mandatory SBOM Submissions: What It Means for Product Security

South Korea joins the U.S., EU, and Japan in mandating SBOMs by 2027—advancing global software transparency and supply chain security. Discover what i...

Finite State Team
Finite State TeamNOVEMBER 7, 2025
How to Build a CRA-Compliant Vulnerability Disclosure Program That Scales
Compliance & Regulations

How to Build a Scalable, Repeatable CRA Vulnerability Disclosure Program

Learn how to build a scalable vulnerability disclosure program that meets the EU CRA's continuous monitoring and reporting requirements with evidence ...

Dario Lobozzo
Dario LobozzoNOVEMBER 4, 2025
Reachability Analysis: The CRA Game-Changer for Vulnerability Prioritization
Compliance & Regulations

Reachability Analysis: The CRA Game-Changer for Vulnerability Prioritization

Learn how reachability analysis helps manufacturers cut through CVE overload, focus on real threats, and meet EU Cyber Resilience Act requirements eff...

Dario Lobozzo
Dario LobozzoNOVEMBER 4, 2025
Road to Compliance: First Steps OEMs and Suppliers Should Take Today
Connected VehiclesCompliance & Regulations

The Road to Compliance: First Steps OEMs and Suppliers Should Take Today

Learn how to achieve Connected Vehicle Rule compliance with six actionable steps — from SBOM & HBOM generation to supplier engagement and risk evaluat...

Finite State Team
Finite State TeamOCTOBER 20, 2025
Legacy Software & CVR Compliance Carveouts Explained
Connected VehiclesCompliance & Regulations

Legacy Software & CVR Compliance Carveouts Explained

Learn how legacy carveouts and specific authorizations can help you comply with CVR—while time-limited, they demand proactive planning now.

Finite State Team
Finite State TeamOCTOBER 16, 2025
Regulations Driving IoT Security Forward
Compliance & RegulationsIoT & OT

Regulations Driving IoT Security Forward

From EU CRA to FDA 524B, IoT regulations are reshaping the market. Learn what manufacturers need for compliance—SBOMs, testing, and supply chain visib...

Robert Kelley
Robert KelleySEPTEMBER 24, 2025
Finite StateFinite State

Finite State is the Product Security Automation Platform that functions as an autonomous Product Security OS: design → verify → prove, grounded in what you ship.

Platform

Platform Overview
Ground Truth Inventory
Exploitability-Based Prioritization
Design-Time Architecture Security
Automated Evidence-Backed Compliance

Solutions

Device Manufacturers
Automotive
Medical Devices
Energy & Utilities
Government
Industrial

Resources

Blog
Resource Library
Webinars & Videos
Events
Documentation

Company

About Us
CareersHIRING
Press & Media
Contact Sales
X

© 2026 Finite State. All rights reserved.

Privacy PolicyTerms of UseCustomer Terms and Conditions
Finite StateFinite State
Finite StateFinite State
LoginLogin