The Software Security Regulation Revolution

Launching SBOM Focus April 10th, 2026

We are proudly releasing the latest project of the SBOM Europe project – the SBOM Focus conference in Stockholm Sweden, April 10th. Software Bill of Materials (SBOM) are at the heart of the EU Cyber Resilience Act as well as many other regulations worldwide. There is a lot of development going on in the standards world as well as in tooling and best current practice. SBOM Focus will cover all areas related to SBOMs! The conference is lead by Anthony Harrison and Olle E. Johansson, both active in OWASP SBOM Forum and OWASP CycloneDX as well as many other forums discussing SBOMs. We are currently planning the details and are open for sponsoring discussions as well as talk proposals. SBOM ...

Read more

NSSS Spring 2026: April 8-9

We can now confirm the date for NSSS Spring 2026: April 8-9 in Stockholm, Sweden. The spring edition will be a bit smaller than what we planned for the fall, but still the fact-filled event you can expect! We will soon release news about what happens on April 10th as well, so please stay tuned!

Read more

Registration is open with early bird pricing!

We have opened registration for the conference in October with a great offer – discount on the registration fee if you register before August 1st! On the web site you can discover parts of the program in our conference overview. We keep adding as we’re getting details from the speakers. And what a list of speakers we have! Steve Springett (OWASP CycloneDX), Daniel Stenberg (CURL), Patrik Fältström (NetNod), Monika Kullberg and many more! You will experience two days filled with educational and though-provoking talks, in two tracks you can freely choose from. The conference starts with workshops where we now have three workshops from the SBOMEurope team – Anthony Harrison and Olle E. Johansson. Start the conference with learning more ...

Read more

Sorry, we have to postpone the conference

Sollentuna, Sweden, Sept 2025: We are really sorry to announce that we have to postpone the conference for a few months. We’re a small team and with one of us away because of health issues, we can’t complete the work needed to make this another great conference. We will be back soon with information about a new date for our event. Keep following us. A big thank you to all our speakers and partners for their support and understanding. We’re a unique team – speakers, partners and organisers – and we’ll get this project on the road soon again. Follow us on LinkedIn, Mastodon or Facebook for updates as we work with the new conference. See you early 2026! Regards/Olle …

Read more

3…. 2… 1… Stay tuned for launch!

We are working on the final details on the conference agenda and will start publishing more information real soon now. Stay tuned for details! As a preview, here’s some of the titles of our amazing talks for the 2025 edition of the Nordic Software Security Summit: In addition, the conference will start with a day filled with workshops and community meetings covering topics as SBOM, Cyber Resilience Act, vulnerability management and OWASP SAMM! We are uploading texts, presentations of speakers and details in the background. Stay tuned!

Read more

Extended call for papers

We are currently in process of scheduling talks and have gotten many great proposals from speakers. But we are lacking a few topics that we think will complement those that we’ve got already, so we are extending the call for papers for a week or so. We’re looking for talks on these topics: If you have ideas or a proposal, send email to info (at) nsss.se today! Let’s have a conversation and make the conference program even better!

Read more

Learn CRA in Manchester, UK or Stockholm, Sweden!

Are you ready for the EU Cyber Resilience Act (CRA)?  SBOM Europe will host two one-day trainings this spring, one in Manchester UK and one in Stockholm, Sweden. Register today to get up to date with this regulation, what you need to do in order to be compliant and understand where the Software Bill of Materials helps in the cybersecurity process. The Cyber Resilience Act will affect everyone that creates and sells products on the EU market, regardless of location. In three years time, all products needs to be CE marked and maintained for the lifetime of the product. Are you ready? If not, book a seat on our trainings and we’ll help you on your way. The trainers, Anthony Harrison and Olle E Johansson have a long …

Read more

Participate in the leading application security conference in the Nordics!

Today we published the Call For Papers for the conference Nordic Software Security Summit 2025. Why don’t you contact us with your ideas early so we can brainstorm and use that piece of the puzzle while creating a new edition of the leading application security conference in the Nordics! The 2025 edition will be three days. The first day is reserved for trainings and community events for participating organisations. The following two days are conference days – with one or two tracks depending on proposals and ideas. Last year we mixed the longer workshops into the conference program which worked, but may not be a good solution moving forward. We are looking forward to your ideas!

Read more

Book Oct 1-3 2025 for our next edition of NSSS!

The Nordic Software Security Summit 2025 will take place October 1-3 in Stockholm, Sweden. We are slowly starting our planning, discussions with sponsors and partners to create a great second event with exciting talks, great tutorials and participants that share their experiences. At that time the EU Cyber Resilience Act will be on its way, having been in action for almost a year with two years to go into it enters into full force. The NIS2 regulation will be in force. Companies, open source projects, organisations, public sector and customers needs to meet to discuss how to handle this new regulated software world. Everything from processes to standards and tools will be covered during this three-day conference. Book it in …

Read more
Focus on the Cyber Resilience Act

The council of the European Union adopts the Cyber Resilience Act

The Cyber Resilience Act was adopted today. It will soon be published in the Official Journal of the European Union and 20 days after that it becomes a full regulation. The act affects almost all software distributed in the union. Software needs to be secure by design and secure by default – and marked with the well-known CE mark to indicate that it complies with the regulation. “The Council adopted today a new law on cybersecurity requirements for products with digital elements with a view to ensuring that products, such as connected home cameras, fridges, TVs, and toys, are safe before they are placed on the market (cyber resilience act).  The new regulation aims to fill the gaps, clarify the …

Read more

Subscribe to our Newsletter