Video Hub | Finite State

Security Expertise On-Demand

Product Security Theater

Experience the future of product security through our immersive video content. From Al-powered analysis to real-world case studies, discover how industry leaders protect their digital assets.

34 results

•
Compliance & Regulations(34 Videos)

Precision Over Panic: How to Focus on Real Risk for CRA Compliance

Dario Lobozzo from Finite State presents a comprehensive approach to CRA (Cyber Resilience Act) compliance, addressing the challenges organizations fa...

Why Regulated Industries Choose Finite State

Automotive, medical device, and telecom manufacturers face strict regulatory demands—and high stakes. In this video, Mike Hatherall, Lead Solutions Ar...

Why CRA Compliance Is So Challenging for Manufacturers

The EU CRA introduces sweeping new responsibilities for connected product manufacturers—but most aren’t ready. In this clip, Dario Lobozzo, GM of EMEA...

Solving the CRA Puzzle: A Layered Approach to Compliance

CRA compliance isn’t one-size-fits-all—especially for manufacturers of software-defined products. In this clip, Dario Lobozzo, GM of EMEA at Finite St...

Automating CRA Vulnerability Reporting for Real Business Impact

Dario Lobozzo, GM of EMEA at Finite State, describes the “holy grail” of CRA compliance: automated, scalable vulnerability reporting. In this clip, he...

CRA Flips the Script on Vulnerability Management

Vulnerability disclosure is nothing new—but CRA introduces a new twist: retroactive reporting. In this clip, Dario Lobozzo, GM of EMEA at Finite State...

The Beauty of the SBOM: Why It’s Essential for CRA Compliance

In this clip, Dario Lobozzo, GM of EMEA at Finite State, lays out the true value of SBOMs in modern product security—enabling visibility, context, and...

From 26,000 Vulnerabilities to 300: CRA Certification for Legacy Products

What happens when you have a legacy product—already in the field, five years on the market—and now you have to certify it for CRA? Learn how layering ...

Go Beyond CRA: Why Forward-Thinking OEMs Aim Higher

CRA is the baseline—but many forward-looking manufacturers aren’t stopping there. In this clip, Dario Lobozzo, GM of EMEA at Finite State, explains wh...

Accelerating CRA Readiness: Start Small, Move Fast

General Manager of EMEA Dario Lobozzo outlines a low-effort, high-impact strategy for getting started with CRA compliance. From rapid product risk ide...

Building a Scalable CRA Vulnerability Disclosure Program

Dario Lobozzo, GM of EMEA at Finite State, shares what it really takes to run a successful CRA vulnerability disclosure program: communication across ...

Why CRA’s Coordinated Vulnerability Disclosure Requirement Matters

Unpack the complexity of meeting CRA’s Coordinated Vulnerability Disclosure (CVD) requirements, including why CVD success requires deep visibility int...

Avoiding CRA Pitfalls: Don’t Wait to Fix What’s Broken

Dario Lobozzo, GM of EMEA at Finite State, calls out a common but costly mistake in CRA compliance planning: treating assessments and remediation as s...

CRA Readiness Isn’t a Checkbox—It’s a Long-Term Strategy

Treating CRA compliance as a one-time, checkbox exercise is a recipe for failure. While you may get through your first audit with spreadsheets and man...

Why Pen Testing Is Functionally Required for Cybersecurity Compliance

Pen testing may not be named in every regulation, but it’s essential to prove your security controls work.

Are You Impacted by the Connected Vehicle Rule?

Many OEMs, suppliers, and aftermarket companies may be affected by the CVR - here’s what you need to do now.

What It Takes to Secure a Specific Authorization Under the CVR

Understand how to secure a specific authorization under the CVR—and what cybersecurity evidence you’ll need—to increase your chances of acceptance.

Will the DoC Enforce the CVR Strictly from Day One?

Experts weigh in on how enforcement of the CVR might unfold—and why early flexibility could be on the table.

Why You Can’t Just “Approve” a Supplier Anymore

The Connected Vehicle Rule demands component-level scrutiny, especially with multi-region suppliers and JV structures.

Making the Legacy Software Carve-Out Work

Learn what it takes to remain compliant with the CVR, including codebase transfers and strict developer restrictions.

Firmware Exclusions and the Legacy Carve-Out: What Changed from the Draft Rule?

Learn how the final Connected Vehicle Rule narrows firmware definitions and creates a software carve-out that requires careful planning.

What’s In Scope (and What’s Not) Under the Connected Vehicle Rule

Understand how to determine what hardware and software falls under VCS and ADS requirements for the Connected Vehicle Rule.

Jurisdiction, Control, Direction: What Triggers Coverage Under the Connected Vehicle Rule?

Understand the blurry line companies must navigate to assess China or Russia-linked entities.

How Disruptive Is the Connected Vehicle Rule?

Experts explain why this regulation is unlike anything the automotive industry has faced before.

How to Exclude Components Under the CVR & Why It’s So Difficult

Learn what it really takes to identify, document, and verify component origins across your supply chain to comply with the Connected Vehicle Rule.

What Is the Connected Vehicle Rule?

A foundational overview of the rule’s scope, prohibitions, enforcement timeline, and supply chain impact.

Raising the Bar: What Compliance Now Expects From Your Security Program

Today’s regulatory expectations go far beyond shipping secure code. Discover what OEMs and suppliers must do to demonstrate ongoing security maturity.

Why the Cost of Compliance Is Far Less Than the Cost of Inaction

Global regulations aren’t just about fines—they impact market access. Learn why compliance is now a business-critical priority for IoT manufacturers.

Policy to Action: The Connected Vehicle Rule Webinar

Securing the Product Lifecycle: Building Global Compliance into IoT Development

AI: The Secret Weapon for Product Security Compliance at Finite State

Discover how Finite State uses AI to tackle the toughest part of compliance, so security teams can stay focused on protecting products and meeting glo...

Closing Security Gaps for CRA Compliance

See how the CRA pushes manufacturers to unify SBOMs, risk assessments, and vulnerability reporting in this soundbite from our Risk to Resilience webin...

Navigating Software Security and Compliance Challenges

Explore how companies meet security regulations through patching, vendor collaboration, or creative compensating controls when direct fixes aren’t fea...

Why Security Submissions Are Critical for Connected Medical Devices

Discover why getting security right the first time is essential for medical device approvals and how gaps in your submission can derail time-to-market...

Finite State is the Product Security Automation Platform that functions as an autonomous Product Security OS: design → verify → prove, grounded in what you ship.

Platform

Platform Overview

Ground Truth Inventory

Exploitability-Based Prioritization

Design-Time Architecture Security

Automated Evidence-Backed Compliance

Solutions

Device Manufacturers

Medical Devices

Energy & Utilities

Resources

Resource Library

Webinars & Videos

Company

© 2026 Finite State. All rights reserved.

Privacy Policy Terms of Use Customer Terms and Conditions