https://www.ptcusercommunity.com/t5/Kepware/Kepware-Cyber-Resilience-Act-CRA/m-p/1038686#M3083 <P data-start="169" data-end="358">Hi,<BR /><BR />At this time, PTC is actively reviewing the requirements of the <STRONG data-start="233" data-end="266">EU Cyber Resilience Act (CRA)</STRONG> and evaluating how it applies across the Kepware product line, including <STRONG data-start="340" data-end="355">KEPServerEX</STRONG>.<BR /><BR /></P> <P data-start="360" data-end="603">While no official compliance declaration or timeline has been published yet, Kepware products are developed following PTC’s secure software development lifecycle (SSDLC) standards, which already align closely with key CRA principles such as:</P> <UL data-start="604" data-end="785"> <LI data-start="604" data-end="665"> <P data-start="606" data-end="665">Secure-by-design and secure-by-default software practices</P> </LI> <LI data-start="666" data-end="732"> <P data-start="668" data-end="732">Vulnerability management and coordinated disclosure procedures</P> </LI> <LI data-start="733" data-end="785"> <P data-start="735" data-end="785">Regular patching and lifecycle support processes</P> </LI> </UL> <P data-start="787" data-end="917">PTC will provide additional information and documentation once CRA compliance guidance is finalized and timelines are confirmed.</P> <P data-start="919" data-end="1188">For now, if your organization requires formal compliance statements or roadmap updates, it’s best to contact <STRONG data-start="1028" data-end="1085">PTC Technical Support or your Kepware Account Manager</STRONG> directly. They can provide the most current status and supporting documentation under NDA if needed.<BR /><BR />Thanks,</P> Thu, 16 Oct 2025 08:06:08 GMT pshashipreetham 2025-10-16T08:06:08Z https://www.ptcusercommunity.com/t5/Kepware/Kepware-Cyber-Resilience-Act-CRA/m-p/1038057#M3075 <P>Dear Kepware Team,<BR />@<A href="mailto:bdube@ptc.com" target="_blank">bdube@ptc.com</A></P><P>&nbsp;</P><P>I hope this message finds you well.</P><P>As part of our ongoing efforts to align with upcoming EU cybersecurity regulations, I would like to inquire whether Kepware products—specifically KEPServerEX—are expected to be subject to the requirements of the <STRONG>Cyber Resilience Act (CRA)</STRONG>.</P><P>If so, could you kindly share:</P><UL><LI>Whether Kepware is actively working towards CRA compliance?</LI><LI>The anticipated timeline by which Kepware products will be CRA-compliant?</LI><LI>Any documentation or roadmap that outlines your approach to meeting CRA obligations?</LI></UL><P>Understanding your position on this matter will help us plan our integration and compliance strategy accordingly.</P><P>Thank you in advance for your support.</P><P>&nbsp;</P><P>Best regards,</P><P>Mani</P> Fri, 10 Oct 2025 13:41:35 GMT https://www.ptcusercommunity.com/t5/Kepware/Kepware-Cyber-Resilience-Act-CRA/m-p/1038057#M3075 MK_9330046 2025-10-10T13:41:35Z https://www.ptcusercommunity.com/t5/Kepware/Kepware-Cyber-Resilience-Act-CRA/m-p/1038686#M3083 <P data-start="169" data-end="358">Hi,<BR /><BR />At this time, PTC is actively reviewing the requirements of the <STRONG data-start="233" data-end="266">EU Cyber Resilience Act (CRA)</STRONG> and evaluating how it applies across the Kepware product line, including <STRONG data-start="340" data-end="355">KEPServerEX</STRONG>.<BR /><BR /></P> <P data-start="360" data-end="603">While no official compliance declaration or timeline has been published yet, Kepware products are developed following PTC’s secure software development lifecycle (SSDLC) standards, which already align closely with key CRA principles such as:</P> <UL data-start="604" data-end="785"> <LI data-start="604" data-end="665"> <P data-start="606" data-end="665">Secure-by-design and secure-by-default software practices</P> </LI> <LI data-start="666" data-end="732"> <P data-start="668" data-end="732">Vulnerability management and coordinated disclosure procedures</P> </LI> <LI data-start="733" data-end="785"> <P data-start="735" data-end="785">Regular patching and lifecycle support processes</P> </LI> </UL> <P data-start="787" data-end="917">PTC will provide additional information and documentation once CRA compliance guidance is finalized and timelines are confirmed.</P> <P data-start="919" data-end="1188">For now, if your organization requires formal compliance statements or roadmap updates, it’s best to contact <STRONG data-start="1028" data-end="1085">PTC Technical Support or your Kepware Account Manager</STRONG> directly. They can provide the most current status and supporting documentation under NDA if needed.<BR /><BR />Thanks,</P> Thu, 16 Oct 2025 08:06:08 GMT https://www.ptcusercommunity.com/t5/Kepware/Kepware-Cyber-Resilience-Act-CRA/m-p/1038686#M3083 pshashipreetham 2025-10-16T08:06:08Z