Threat Modelling under the Cyber Resilience Act

Join us for the first CRACoWi project webinar with Katherine Leese from SevenShift, to explore a practical, evidence-based threat modelling process that aligns directly with the CRA’s risk-assessment and documentation requirements.

Are you ready for the Cyber Resilience Act (CRA)? The CRA requires manufacturers to understand and document cybersecurity risks in their connected products – but how do you actually do that in practice?

This hands-on session bridges the gap between paper compliance and practical, testable security – giving you a repeatable approach adaptable to your own environment.

What you’ll learn:
– How to use Data Flow Diagrams (DFDs) to map system context,
– How to apply STRIDE to identify threats,
– How to link findings to real attacker techniques using MITRE,
– How the CRACoWi Wizard supports you in gathering the right evidence and demonstrating CRA readiness.

Who should attend: Engineers, product security teams, managers, and anyone involved in designing, building, or securing connected products.

ℹ️ This webinar is the first in a series of CRAcademy training sessions — practical learning opportunities designed to help you navigate and implement the Cyber Resilience Act with confidence.

Webinar will be in english and free of charge.