Blog
The Finite State Blog

Practical insights and articles from our SMEs to help product security teams cut triage noise, fix what matters faster, and deliver audit-ready proof to customers and regulators.

440 results

X-ray 3/4 view of a connected vehicle, the dark car body shown in shadow while its internal electronics — infotainment unit, telematics module, OBD-II dongle, and dashcam — glow orange and are revealed by scan line passing through the car.
Compliance & RegulationsCompliance

Cyber Resilience Act for Automotive Suppliers: The Car Is Exempt, but What's Inside Isn't

Most suppliers hear "automotive is exempt" and move on. The CRA carves out the finished vehicle, but a meaningful share of what they sell still falls ...

Doc McConnell
Doc McConnellJUNE 24, 2026
A lineup of connected devices — an industrial PLC, a network router, and a smart home IoT hub — on a dark reflective surface, each overlaid with a teal X-ray scan revealing the circuit boards inside, illustrating continuous security scanning for CRA compliance.
Compliance & Regulations

CRA Compliance Is Not a Checkbox. It's a Continuous Program.

Manufacturers tend to prepare for the EU Cyber Resilience Act (CRA) the way they'd prepare for an exam, something you study for, pass, and put behind ...

Doc McConnell
Doc McConnellJUNE 17, 2026
Large warehouse full of outdated IoT devices. Caption reads "Supported doesn't mean finished."
Compliance

CRA Flips the Timeline: Why Retroactive Vulnerability Management Is the Real Challenge

Most CRA prep focuses on new products. The harder obligation reaches back across everything you have already shipped—and the September 11, 2026, deadl...

Doc McConnell
Doc McConnellJUNE 10, 2026
PLC Device being scanned to reveal inner components and software.
Product Security

Pre-Ship vs. Runtime Security: Building the Full Stack

Why the industry's fixation on the active monitor keeps missing the structural foundation.

Sharon Hagi
Sharon HagiJUNE 3, 2026
Illustration of an hourglass labeled “Article 14” with golden sand flowing downward beside a transparent digital map of Europe. Glowing network connections and security icons overlay the map against a dark background with faint EU stars, symbolizing a regulatory compliance deadline.
Compliance

CRA Vulnerability Reporting: September 2026 is Around the Corner

Starting September 11, 2026, manufacturers must notify ENISA within 24 hours of an actively exploited vulnerability. Most don't have the four operatio...

Doc McConnell
Doc McConnellMAY 28, 2026
Understanding The EU CRA's SBOM & Technical Documentation Requirements
SBOM ManagementCompliance & Regulations

Understanding The EU CRA's SBOM & Technical Documentation Requirements

Ensure compliance with the EU Cyber Resilience Act. Learn how IoT manufacturers can streamline SBOM creation, updates, and documentation with expert t...

Doc McConnell
Doc McConnell MAY 21, 2026
The Parallel Rail, Finite State's Model for Continuous Connected Device Security by Sharon Hagi, Chief Security Officer
Product Security

What Is the Parallel Rail? Finite State's Model for Continuous Connected Device Security

AI is becoming physical—and traditional checkpoint security models can’t keep up. The Parallel Rail embeds continuous product security and compliance ...

Sharon Hagi
Sharon HagiMAY 21, 2026
Router being scanned
Product Security

The FCC's Waiver Extension for Routers Is the Right Call for Cybersecurity

Why patch status matters more than where it’s assembled—and what device makers should take from the policy reversal.

Doc McConnell
Doc McConnellMAY 19, 2026
Conformity Assessments: Understanding the EU Cyber Resilience Act Requirements
Compliance & Regulations

Conformity Assessments: Understanding the EU Cyber Resilience Act Requirements

Learn about the EU Cyber Resilience Act's conformity assessments. Discover how IoT manufacturers can ensure compliance based on product risk categorie...

Doc McConnell
Doc McConnell MAY 12, 2026
The Best SBOM Generation Tools Compared (& How to Pick the Right One)
SBOM Management

The 4 Best SBOM Generation Tools Compared (Updated for 2026)

Discover how SBOMs enhance software supply chain security, explore top SBOM generators, and find the right tool for your organization's needs.

Finite State Team
Finite State TeamMAY 10, 2026
A stack of five semi-transparent glass document panels fanned and layered on a dark reflective surface. The top panel is illuminated by a bright teal scanning light sweeping horizontally across it, revealing faint data grids and chart lines beneath. An amber-orange glow emanates from the base of the stack, reflecting warmly on the surface below. The background is deep near-black with sparse scattered light points. The overall mood is technical, precise, and cinematic.
Compliance & Regulations

CRA Compliance Is a Full-Time Job. Most Teams Don't Have That.

EU CRA reporting obligations start in September 2026. Finite State's managed CRA service delivers five maintained compliance outputs for a designated ...

Finite State Team
Finite State TeamMAY 4, 2026
A Look at the UN R155 Regulation for Connected Vehicles
Connected Vehicles

UNECE R155: Cybersecurity Regulation for Vehicles Explained

UNECE R155 is the binding cybersecurity regulation for vehicles. See the requirements, 2021–2024 deadlines, CSMS steps, and how it differs from ISO/SA...

Doc McConnell
Doc McConnellAPRIL 9, 2026
Finite StateFinite State

Finite State is the Product Security Automation Platform that functions as an autonomous Product Security OS: design → verify → prove, grounded in what you ship.

Platform

Platform Overview
Ground Truth Inventory
Exploitability-Based Prioritization
Design-Time Architecture Security
Automated Evidence-Backed Compliance

Solutions

Device Manufacturers
Automotive
Medical Devices
Energy & Utilities
Government
Industrial

Resources

Blog
Resource Library
Webinars & Videos
Events
Documentation

Company

About Us
CareersHIRING
Press & News
Contact Sales
Media Inquiries
X

© 2026 Finite State. All rights reserved.

Privacy PolicyTerms of UseCustomer Terms and Conditions
Finite StateFinite State
Finite StateFinite State