Cyber Resilience Act Training for Developers
This training course presents this material in a practical manner tailored to a technical audience. Participants will learn how to fulfil the requirements of the CRA and to implement appropriate measures and activities in real-world scenarios.

At a glance
General information
- Three days of practice-based training (on-site or remote)
- Flexible training agenda with customisable technical focus areas
Target group
Software developers
Application examples
Overview of security activities specific to the Cyber Resilience Act
Description
With the increasing significance of software systems for digital products comes an increase in the number of threats to which these systems are exposed. A developer training course specifically referencing the Cyber Resilience Act is decisive for embedding security into the development process at an early stage and minimising risks effectively. If security is neglected, it often remains only a matter of time until vulnerabilities cause serious problems.
The EU’s Cyber Resilience Act increases the requirements for a large number of products and aims to ensure the more comprehensive and consistent implementation of security measures throughout the development process. Our Cyber Resilience Act Training Course for Developers enables companies to address these obligations. It also allows companies to improve the level of security awareness within their development teams and the quality of the systems they develop, independent of regulatory requirements.
In addition to ensuring CRA compliance, this also adds long-term value to companies’ business models. After all, reputational damage (and the associated loss of trust) caused by negative reporting poses as great a risk to systems and companies as the vulnerabilities, attacks, and data losses themselves.
Our Cyber Resilience Act Training Course provides a fundamental overview of all the relevant phases of a secure software development process and the precise stipulations of the Cyber Resilience Act. Participants will learn to evaluate the security of their software more effectively and to implement appropriate measures and activities in real-world scenarios. The course is based on our own experience in software development projects, which enables us to share real-life best practices.
Agenda
- Introduction to Security: Motivation and Security Goals
- Context: CRA and Software Security
- Secure Design: Threat Modelling, Security Requirements, Risk Assessment
- Secure Coding: Security Principles, Cryptography, Coding Guidelines
- Supply Chain Security: Threats and Solutions, SBOM
- Secure Testing: Static and Dynamic Security Testing, Test Tooling
Typical questions we answer:
- What role do developers play in the practical implementation of the CRA?
- How can software developers identify and assess threats and risks for their software?
- What security requirements should be taken into account during software development, and how can these be implemented?
- What best practices exist for implementing authentication, authorisation, or cryptographic processes?
- What tools and methods are available for testing and monitoring software security?
- How important is supply chain security, and what measures does the CRA require?
- signed certificate of completion
- in-house training
- Customization available (agenda, tech stack, language, etc.)
- small training groups
Why inovex Academy?
Our offerThe inovex Academy has set itself the task of passing on knowledge about methods and technologies that we already use successfully in our projects.
Curated content
Our trainers create a customized training offer based on your requirements.
Customizable tech stack
In exclusive trainings, we can consider your tech stack for the training content.
Individual assistance
If needed, we can tailor the training to a specific use case of your company and work directly based on your data.
Trainers
Our trainers are field-tested experts in their areas of expertise. Through their work in projects, they expand their knowledge day by day and pass on this know-how in their trainings - application-oriented and practice-oriented.

Clemens Hübner

Dr Michael Gerhäuser
Dr. Michael Gerhäuser has been working professionally as a software developer since 2014 and joined the inovex team in 2022. He specialises in the design and implementation of web applications, both frontend and backend with operations and monitoring. He is also interested in topics such as software performance and web application security. In his private life, Michael is involved in the local software craftsmanship community by organising a Rust Meetup and as a member of the organisation team of a local barcamp.

Simon Dreher
Our training approach
From the needs analysis to the awarding of certificates, we offer customized training courses, flexibly designed and carried out according to your requirements.
If you are interested in in-house training, we will start by identifying your needs and discussing your objectives. This discussion forms the basis for an initial offer.
As soon as the framework data has been clarified, our trainers start adapting the training content. Many of our training courses have a modular structure and offer the opportunity to design the agenda flexibly. Training courses that prepare for certifications, on the other hand, are less flexible. Here, however, you can set the content focus according to your wishes.
You will receive all relevant information in advance of the training. The training will then take place in the room of your choice and at the agreed time. Our trainers will adapt to your requirements.
After completing the training, all participants receive a certificate confirming their participation. You will also have the opportunity to give us feedback on the content and the course. We are always happy to receive praise and suggestions for improvement.
Supplementary information

Collin Rogowski
Head of inovex Academy