Regulatory intelligence — published
Whitepapers, blueprints, case studies, and regulatory briefs. Open access by default ; some high-value resources require email registration.
From CRA to Certificate : how a deterministic engine replaces 18-month audit cycles
A 28-page deep-dive into NexCyber's regulatory intelligence chain.
We explain how the deterministic intelligence chain maps 144 atomic obligations to product features, what makes the MRCC a new compliance standard, and why 0% LLM in compliance logic matters for audit defensibility.
NexCyber joins ECSO Working Group on CRA implementation
Press announcement — May 2026.
NexCyber joins the European Cyber Security Organisation (ECSO) Working Group focused on CRA implementation guidance for EU SMBs and digital product makers.
Hybrid Ed25519 + ML-DSA-65 signatures on NexCyber MRCC : implementation notes
Why we shipped post-quantum cryptography on every certificate in May 2026.
NIST FIPS 204 (Category 3) signature scheme implementation notes. Liboqs integration, key sizes, performance benchmarks. Why we chose hybrid over pure-PQ.
EU AI Act GPAI obligations enter force 2026-08-02 — what model providers must do
A 4-page regulatory brief for GPAI model providers.
Article 53 transparency, Article 55 systemic risk, EU AI Office reporting. Practical compliance steps for upstream model providers — open access.
IoT product CRA readiness — 34-point operator checklist
Step-by-step CRA compliance blueprint for connected device makers.
From SBOM generation to vulnerability disclosure procedures, this blueprint walks through every CRA obligation a digital product maker must close before 2027-12-11 enforcement.
How a 50-person fintech achieved DORA readiness in 6 weeks
Anonymized case study from our Design Partner Cohort 2026.
Email-gated full case study (15 pages). Preview : initial DORA gap analysis (62% readiness), 6-week sprint plan, final MRCC issuance.