en
Webinar joint service - Toreon & Ox Security

CRA Vulnerability Prioritization: From Alert Noise to What Actually Matters  

Join Toreon and OX Security for a practical session on CRA vulnerability prioritization and how product organizations can meet upcoming EU Cyber Resilience Act (CRA) obligations without exhausting security and engineering teams.

This webinar will be presented in English*

May 27th, 2026

60 min

Starting at 11 am CEST

In this session, Toreon and OX Security cover:

  • What CRA requires, at both product and organizational level, and how to turn it into a realistic roadmap  
  • Why severity-based triage fails under CRA timelines, including the 24-hour early warning window for actively exploited vulnerabilities  
  • How to build a people → process → technology approach that improves security without slowing delivery  
  • How context-aware prioritization (reachability, exploitability, business impact) helps teams focus on what truly matters while generating compliance evidence along the way

 

Herken je dit?

Dit horen we keer op keer van softwarebedrijven

"We hebben geen compleet overzicht van onze software-componenten."

"Security komt pas aan bod vlak voor release, als het al aan bod komt."

"Niemand in ons team is echt eigenaar van CRA-compliance."

"We weten dat de deadline nadert maar weten niet waar te beginnen."

Als één van deze je bekend klinkt, dan is dit voor jou.

Wat je krijgt

Van chaos naar aantoonbare compliance

Na onze samenwerking weet je exact waar je staat, wat prioriteit heeft, en hoe je CRA omzet in een concurrentievoordeel.

inzicht

Inzicht

Een helder beeld van je huidige security-maturiteit en de exacte gaps ten opzichte van de CRA-eisen.

controle

Controle

Een concrete roadmap met prioriteiten en quick wins, zodat je team weet wat te doen en in welke volgorde.

bewijs

Bewijs

Documentatie en processen waarmee je CRA-compliance aantoonbaar maakt richting klanten en auditors.

Resultaten

Bedrijven die ons vertrouwen

Wat andere software- en techbedrijven zeggen over hun samenwerking met Toreon.

Toreon was the obvious choice because they’re a renowned cybersecurity company with deep technical knowledge. Thanks to our collaboration with Toreon, my assumptions were validated. We gained some valuable insights and a roadmap to get us started.

dewaele
Jan Tanghe

IT Team Lead at Dewaele

Toreon was the obvious choice because they’re a renowned cybersecurity company with deep technical knowledge. Thanks to our collaboration with Toreon, my assumptions were validated. We gained some valuable insights and a roadmap to get us started.

dewaele
Jan Tanghe

IT Team Lead at Dewaele

Toreon was the obvious choice because they’re a renowned cybersecurity company with deep technical knowledge. Thanks to our collaboration with Toreon, my assumptions were validated. We gained some valuable insights and a roadmap to get us started.

dewaele
Jan Tanghe

IT Team Lead at Dewaele

Seminar banner (1)

 June 15th, 18:00 CEST

Staying ahead of the game with AI

We invite you to join us for an in-person seminar in Mechelen.

Throughout the evening, we’ll explore some of the most pressing topics shaping modern application security, followed by interactive roundtable discussions designed to spark debate, share experiences, and learn from one another.

Afterwards we will broadcast the worldcup soccer game: Belgium vs Egypt. Drinks are on us!

There are limited slots for this event so be quick. 


 

More information below.


Registration will be confirmed by mail.


No spam, ever. Your data is handled in accordance with GDPR.

Klaar voor een eerlijk beeld van je CRA-risico’s

In 30 minuten weet je waar je staat, wat prioriteit heeft, en wat je eerste stap is. Gratis en vrijblijvend.

  • 30 minuten, volledig gratis
  • Kort rapport achteraf
  • Geen verkooppitch
  • Info over subsidie-aanvraag
FAQ

Vragen die we vaak krijgen

Is dit alleen voor grote bedrijven?

Nee. Onze aanpak is specifiek ontworpen voor KMO's in België. De VLAIO-subsidie is trouwens ook exclusief voor KMO's.

Wat als we al iets aan security doen?

Nog beter. We starten altijd met een nulmeting om te zien wat er al is en wat er ontbreekt. Je bouwt verder op wat werkt.

Hoe lang duurt een volledig traject?

Van nulmeting tot aantoonbare compliance gemiddeld 10–14 weken, afhankelijk van de omvang van je producten en team.

Wat kost een traject?

Trajecten starten vanaf €8.000 voor KMO's. Met VLAIO-subsidie betaal je  effectief de helft. We berekenen dit samen in de discovery call.

Moeten we al CRA-kennis hebben?

Absoluut niet. We starten van nul als dat nodig is. De discovery call is er net voor om te begrijpen waar je staat.

Agenda

Toreon & Ox Security

  1. 1

    18:00 - Reception & introduction

    We welcome you from 18:00h. Enjoy a drink, meet your peers, and get seated at your table. You will receive designated seats for the night. 

  2. 2

    18:30 - The missing step in most vulnerability handling programs: learning lessons and improving the SDLC

    Host: Ruben de Visscher

    When finding and exploiting first-party vulnerabilities and third-party CVEs becomes accelerated by AI, it is no longer enough to play whack-a-mole with issues as they enter your vulnerability handling pipeline. It becomes critical to ensure that the proper lessons are being learned from every new vulnerability, and that these lessons are translated into actions that greatly reduce the likelihood and impact of similar vulnerabilities in the future.

  3. 3

    19:15 - Dinner

    Please contact us if you have any dietary restrictions we should be aware of. jordan.hardy@toreon.com
  4. 4

    19:45 - Why CVEs are becoming a commodity in the age of AI-driven development and exploitation

    Host: Boaz Barzel

    Application security is entering an era where CVEs become commodities, generated and exploited at machine speed by AI on both sides of the pipeline. This shifts security from a reactive process of finding and fixing vulnerabilities to a continuous competition between autonomous offensive and defensive systems. As AI accelerates both attack and remediation, organizations must rethink how trust and software security are maintained.

  5. 5

    20:30 - Q&A

    Time for questions!

  6. 6

    21:00 - Start football game

    Belgium vs Egypt

    Let's end the night by cheering the Belgian national team to victory. Are you already certain of the winner? Let us know by filling out a prediction.

Ox logo

The CRA is a great opportunity.

Want to know how? Download the ebook!

Download ebook

Meet your speakers

Boaz Barzel

Boaz "Batman" Barzel is the Field CTO at OX Security and the driving force behind AI Native Security Engineering. With deep expertise in product strategy, market influence, and customer success, Boaz is known for turning complex security challenges into practical, adoptable solutions. He also makes excellent coffee and lives by one rule: always be Batman.




Connect with Boaz

Ruben de Visscher

Ruben leverages his extensive prior experience as a software engineer in the security space to help diverse organizations with improving their secure software development life cycles. He specializes in taking the results of threat models, penetration tests and DevSecOps tools and translating those into actionable recommendations for software development teams. He also teaches software organizations secure design and coding practices to strongly reduce entire categories of weaknesses, and how to use methodical and risk-based approaches to achieve high assurance development and testing practices.

Connect with Ruben
TOREON cyber insights

Stay up to date of relevant
developments in cyber

Bi-Monthly practical tips and insights on product security, SSDLC and compliance. No spam, just relevant updates.