SBOMs & CRA Compliance with Olle Johansson and Anthony Harrison

SBOMs & CRA Compliance with Olle Johansson and Anthony Harrison

From Nerding Out With Viktor by Viktor Petersson

March 24, 2026 · 1h 21m · Season 3 · Episode 2

About this episode

The episode discusses SBOMs and CRA compliance with insights from industry experts.

In this episode of Nerding Out with Viktor, host Viktor Petersson sits down with Olle Johansson and Anthony Harrison to explore the intersection of Software Bills of Materials (SBOMs) and the EU Cyber Resilience Act (CRA). Together, they unpack what CRA compliance looks like in practice and why SBOMs are becoming a critical piece of the regulatory puzzle. Olle and Anthony share their hands-on experience navigating SBOM tooling, formats like CycloneDX and SPDX, and the operational challenges teams face when integrating these workflows into real-world development pipelines. The conversation covers how organizations can move beyond checkbox compliance toward meaningful transparency in their software supply chains. They also discuss the timeline and enforcement realities of the CRA, how it interacts with existing standards, and what engineering teams should be doing now to prepare. For anyone building, shipping, or securing software in the EU market, this episode offers a grounded, practical guide to the compliance landscape ahead.

People in this episode

Host: Viktor Petersson

Guests: Olle Johansson, Anthony Harrison

Topics covered

  • SBOMs
  • CRA Compliance
  • Software Supply Chain
  • Regulatory Challenges
  • Development Pipelines
  • Transparency

Keywords

  • SBOM
  • EU Cyber Resilience Act
  • CycloneDX
  • SPDX
  • compliance
  • software supply chain
  • transparency
  • development pipelines

Mentioned in this episode

Organizations: EU Cyber Resilience Act

Products: Software Bills of Materials, CycloneDX, SPDX

More episodes of Nerding Out With Viktor

Explore listener stats, chart rankings, contacts and more on the Nerding Out With Viktor podcast page.