Everything we know about MedTech security, in one place.
Guides, articles, episodes, checklists, and updates - built from 250+ FDA submissions and the standards work behind them.
Browse by hub
8 sectionsGuides
8 downloadable playbooks on FDA submissions, SPDF, threat modeling, pen testing and more.
Browse guidesBlog
Field-tested articles on standards, regulations, SDLC, and emerging threats in connected MedTech.
Read the blogPodcast
The Med Device Cyber Podcast - practical insights, real threats, and global regulatory updates.
Listen nowWebinars
On-demand sessions on FDA premarket cybersecurity, SBOMs, threat modeling, SPDF, and postmarket programs.
Watch webinarsNews
Regulatory and industry updates that change how connected medical devices get cleared.
See updatesCase Studies
3 anonymized engagement narratives - challenge, approach, and outcomes from real FDA submissions we supported.
Read case studiesTestimonials
10 reviews from MedTech quality, regulatory, and engineering leaders we've worked with.
Read testimonialsFAQs
Straight answers on pricing, timelines, scoping and what FDA actually expects.
Read FAQsCurated collections
5 collectionsThe Monthly Pulse
Monthly newsletter on MedTech cybersecurity and FDA updates.
Open collectionPresentations
Conference talks and keynotes on MedTech security.
Open collectionThe Med Device Cyber Podcast
Weekly conversations on MedTech cybersecurity, FDA, SBOMs, and pen testing.
Open collectionWebinars
On-demand webinars on FDA cybersecurity and SPDF.
Open collectionWhite Papers
In-depth papers on MedTech cybersecurity topics.
Open collectionFrom the wider community
Free public resources, podcasts, and mentorship programs Blue Goat Cyber sponsors or supports for the MedTech cybersecurity community.
-
Code Blue Chart
Public timeline of MedTech cyber events
A sourced, public-record timeline of 86+ medical-device cybersecurity events from 1985 to today - recalls, FDA/CISA advisories, and incidents tied to patient harm.
Visit site -
Med Device Cyber Podcast
Conversations with MedTech security leaders
Interviews and field notes for product security, regulatory, and engineering teams shipping safer connected devices.
Visit site -
MDC Crosswalk
Map controls across MedTech standards
A free crosswalk between FDA guidance, ANSI/AAMI SW96, ISO 13485, ISO 14971, and related frameworks - built to save submission and audit prep time.
Visit site -
MedTech Cyber Tips
Bite-sized guidance for builders
Short, practical tips for engineers, regulatory leads, and founders working on connected medical devices.
Visit site -
AI SaMD
AI/ML-enabled SaMD resources
A focused resource on cybersecurity, safety, and regulatory expectations for AI/ML-enabled Software as a Medical Device.
Visit site -
Mentor & sponsor
MedTech Innovator APAC
Mentoring early-stage MedTech in APAC
Blue Goat Cyber proudly supports MedTech Innovator APAC, mentoring early-stage companies on cybersecurity and FDA-readiness.
Visit site -
MDC Misconceptions
Debunking medical device cybersecurity myths
A free public resource that calls out the most common myths about medical device cybersecurity - from "we passed pen testing, so we're FDA-ready" to "SBOMs are just a list." Built to help manufacturers separate marketing from regulatory reality.
Visit site -
Charity sponsor
APPSUK Foundation
Healthcare and humanitarian relief in Pakistan
Blue Goat Cyber proudly supports the APPSUK Foundation - the charitable arm of the Association of Pakistani Physicians and Surgeons of the United Kingdom - funding mobile health units, cataract clinics, prosthetic limbs, education, and disaster relief for underserved communities in Pakistan.
Visit site
About these sponsorships
- How do you choose which projects to sponsor?
- We back independent, non-commercial efforts that materially help the MedTech cybersecurity community - open educational resources, podcasts, mentorship programs, and public datasets. We prioritize projects with a clear public benefit, transparent ownership, and no conflicts of interest with our client work.
- Can my project apply for sponsorship?
- Yes. Reach out through our contact page with a short description of the project, who it serves, and what kind of support you're looking for. We review new requests on a rolling basis and respond even when we can't sponsor.
- How often is this list updated?
- We refresh the list quarterly, and immediately whenever a sponsorship starts, ends, or changes scope - so what you see here always reflects active commitments.
Company & security
Get FDA cleared without the cybersecurity headaches.
30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ submissions.