The Regulatory Stack, Part 6: Building Under the CRA - A Reference Architecture
11 minutes
A production-grade reference architecture translating the GATE specification into a live runtime, using Apigee, Envoy Proxy, and …
Tag
Regulation
The GATE Conformance Runner: What You Can Automate and What You Cannot
8 minutes
The gate-conformance v1.2.0 runner automates 9 of GATE's 19 checks against a live evidence store. The other 10 return PARTIAL: not failure, …
The Regulatory Stack, Part 5: The Cyber Resilience Act Closes the Last Loophole
10 minutes
Think your AI agent escaped the EU AI Act's high-risk classification? The Cyber Resilience Act lands more than a year earlier, and it …
Engineered Compliance: Beyond Templates
10 minutes
Regulators do not ask for documents. They ask for systems that behave a certain way and the ability to prove it. We introduce Sakura Sky's …
The Regulatory Stack, Part 4: Engineering Under the AI Act - Article 15 Cybersecurity in Practice
10 minutes
How to turn the EU AI Act's stringent cybersecurity requirements into a clean, automated side effect of your existing platform engineering …
The Regulatory Stack, Part 3: How the EU AI Act Made Verification a Legal Question, Not a Best-Practice One
13 minutes
The EU AI Act binds providers and deployers to a continuous, evidenced verification posture by December 2027. Here is the operational …
The Regulatory Stack, Part 2: Why the Boardroom Should Be Funding the Verification Layer in 2026
10 minutes
The capital deployment decisions boards make this year will determine whether their autonomous AI systems are governable assets or …
OWASP Just Drew a New Map, Read It Before Your Auditors Do
9 minutes
The Foundation's new strategic plan is not a community update. It commits OWASP to setting the technical floor for AI security, …
Governance, Risk & Compliance
0 minutes
Engineering compliance for GDPR, the EU AI Act, the EU Data Act, and MiCA as the outcome of well-built cloud, data, and security. Powered by …
Praxis
0 minutes
Engineering compliance for GDPR, the EU AI Act, the EU Data Act, and MiCA. The productised core of our Governance, Risk & Compliance …