SBOM Harmonization Plugfest 2024

Software Engineering Institute | Carnegie Mellon University

The SEI is seeking participants for a project to investigate how various tools generate different software bills of materials (SBOMs) for the same software. Tool vendors and others who generate SBOMs are invited to participate in the SBOM Harmonization Plugfest.
This video presents the full morning session and the Q&A part of the afternoon session.
For more details see: resources.sei....
An SBOM records the details and supply chain relationships of a software product’s components. Different SBOM tools should produce similar records for a piece of software at a given point in its lifecycle, but this is not always the case. The divergence of SBOMs for individual pieces of software undermines confidence in these important documents for software quality and security.
#sbom #software
