The SEI is seeking participants for a project to investigate how various tools generate different software bills of materials (SBOMs) for the same software. Tool vendors and others who generate SBOMs are invited to participate in the SBOM Harmonization Plugfest.
This video presents the full morning session and the Q&A part of the afternoon session.
For more details see: resources.sei....
An SBOM records the details and supply chain relationships of a software product’s components. Different SBOM tools should produce similar records for a piece of software at a given point in its lifecycle, but this is not always the case. The divergence of SBOMs for individual pieces of software undermines confidence in these important documents for software quality and security.
#sbom #software