FAQ Security

List of frequently asked questions and answers for this category.
Back

How do we handle open source security vulnerabilities? — 2026-05-30
Short answer All dependencies are scanned automatically via our CI/CD pipeline using SCA tools. Critical CVEs must be patched within a defined timeframe based on severity.
What are the risks and benefits related to our open source policies? — 2026-05-30
Short answer Open source delivers major benefits — productivity, innovation, cost reduction, talent attraction — but also carries real risks: license non-compliance, security vulnerabilities, and intellectual property loss.
What is the Cyber Resilience Act and what is its impact on our open source product development? — 2025-06-01
Short answer The Cyber Resilience Act (CRA) is an EU regulation (Regulation EU 2024/2847) that mandates cybersecurity requirements for all software and hardware products placed on the European market.