.. SPDX-License-Identifier: CC-BY-4.0 Copyright 2026 The Linux Foundation Resources ========= * `Text of the CRA in English `__ * `Open Source Security Foundation (OpenSSF) `__ provides an extensive set of tools, guides, and best practices for improving a project's security posture. * In particular, see OpenSSF's `CRA Brief Guide for OSS Developers `__. * `Linux Foundation Europe `__ and `Linux Foundation Research `__ have published `various materials `__ on the CRA, such as: * `Pathways to Cybersecurity Best Practices in Open Source `__, describing three LF-hosted projects' approaches to improving CRA compliance * `Linux Foundation Education `__ has published several free training courses on the CRA and secure development practices for open source developers, including: * `Understanding the EU Cyber Resilience Act (CRA) (LFEL1001) `__ * `Developing Secure Software (LFD121) `__ * Secure Software Development: * `Requirements, Design and Reuse (LFD104x) `__ * `Implementation (LFD105x) `__ * `Verification and More Specialized Topics (LFD106x) `__