Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SBOM

(SBOM) Creation of your Software Bill of Materials

May 13, 2022 By JFrog In JFrog
Because of growing software supply chain cyber-attacks and incidents like Log4J, tracking your Software Bill of Materials has become essential. It’s a list of the “ingredients” that make up a piece of software. SBOMs are used by software producers to manage components, software buyers to assess security and compliance, and operators to monitor risks and threats. SBOMs are required by military, and government agencies and will likely become the norm, especially in highly regulated industries. Documenting and reporting your SBOM will become a universal best practice.
View Video
rezilion

3 Ways a Dynamic SBOM Enhances Security

May 10, 2022 By Rezilion In Rezilion

In a previous post, we described why a software bill of materials (SBOM) needs to be dynamic in order to be valuable for organizations. One of the biggest sources of that value is the enhanced security that dynamic SBOMs can deliver for organizations An SBOM creates a foundational data layer on which further security tools, policies and practices can be built. The U.S.

Read Post
rezilion

SBOMs Are Only Truly Useful if They're Dynamic

May 5, 2022 By Rezilion In Rezilion

The software bill of materials (SBOM) is being widely touted as a way to ensure the security and integrity of software products. This is an accurate assessment, but not all SBOMs are created equal. Specifically, those that are dynamic are far more useful and effective than those that are not. In fact, SBOMs that are not dynamic—able to easily and automatically account for the constant change swirling around the software landscape—are of minimal use.

Read Post
datatrails

Generating an SBOM is just the tip of the iceberg

May 5, 2022 By Jon Geater In DataTrails

It has been nearly a year since the President Biden’s Executive Order 14028 catapulted Software Bills of Materials (SBOMs) from niche topic to the forefront of efforts to improve security of cyber supply chains. Since then not only have federal agencies including NIST and CISA delivered significant amounts of guidance and insight, but SBOMs have been the subject of intense debate across developer communities and beyond.

Read Post

How to generate a Software Bill of Materials (SBOM) using Veracode Software Composition Analysis

Apr 25, 2022 By Veracode In Veracode
In this video, we’ll demo how to use the SBOM API with Veracode Software Composition Analysis (SCA) to generate a Software Bill of Materials (SBOM). The new SBOM API provides an inventory of components within your application with insight into the relationships between the components. Exported in CycloneDX format, the SBOM identifies which components are coming from 3rd party sources and offers visibility into your software supply chain.
View Video
datatrails

Export and Distribute SBOMs Directly From Your Git Repositories

Mar 24, 2022 By RKVST In DataTrails

Guest Blog by Daniel Parmenvik – CEO of bytesafe.dev For many, Software Bill of Materials (SBOMs) have changed from a manual list of assets for due diligence procedures to become an integral and automated part of software development. The ever increasing appetite for open-source software translates into a need to keep track of software assets (or open-source dependencies) for all applications, at any given point in time.

Read Post
bytesafe

With SBOMs, Sharing is Caring

Mar 18, 2022 By Jon Geater | Guest author In Bytesafe

Thanks to President Biden’s Executive Order on Cybersecurity (14028) last May, Software Bills of Material (SBOMs) are now discussed by developers, security and deployment teams and even boards of businesses around the world. These “ingredients” lists for software are mandated for those selling to US Federal government and are quickly becoming an expected element of any software implementation. Rightly so.

Read Post
Subscribe to SBOM

Copyright © 2024 OpsMatters™. All rights reserved.