How to create an SBOM from a Docker Container
In this video we'll have a look at a quick way to produce an SBOM from a Docker container and use SBOM Observer to analyze it.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
SBOM
Creating SBOMs with the Snyk CLI
The software bill of materials (SBOM) is quickly becoming an essential aspect of open source security and compliance. In this post, we'll delve into what SBOMs are, why they're necessary, and their role in open source security.
Creating DataTrails for Supply Chain Artifacts
In a world where software is produced, distributed, and re-distributed, how do you ensure the software you consume is authentic and safe for your environment? How do you know the software you deployed yesterday is safe today? Most software exploits are discovered after the software has been deployed, which raises the question: It’s not just about getting software updates, as the majority of exploits are distributed as updates. Staying updated isn’t the most secure.
Customize your Access Policies with DataTrails
Signing up with DataTrails comes with the ability to share your audit trails with your business partners, other applications, and your internal team. Access policies control users, apps & organizations’ read & write privileges to provenance data in DataTrails. If you’re using an integration, access policies offer a way to fine-tune these integrations, giving specific permissions to add to and read your records.
How to generate a software bill of materials
The complexity of modern applications (think open source, proprietary and commercial code) makes the management of software supply chain security a business-critical effort. Robust software supply chain security requires a thorough understanding of your organization’s software components - a complete visibility into the makeup of your code - best achieved with a Software Bill of Materials (SBOM).
What is Data Provenance?
Data provenance is a technology field that aims to help businesses increase trust through transparency of data, specifically by tracking the origin, change, and history of data and making it verifiable. Recently, the benefits of data provenance have become more important than ever. With the emergence of generative AI, all it takes are a few button clicks for anyone to create or manipulate data and convince others that fake data is trustworthy and real.
How Transparency Can Stop Invoice Fraud
The average cost of invoice fraud to middle-market businesses is almost $280,000 per year. Invoice fraud affects businesses of all sizes, and the levels of fraud have increased in part because it’s not possible to authenticate all invoices that come in manually, with many businesses paying out invoices without authentication if they’re under a certain amount. Today’s information security rules and regulations can’t keep up.
Beyond SBOMs: The Future of Software Supply Chain Security
The recent executive order requiring SBOMs (Software Bill of Materials) of those supplying software to the federal government has been instrumental in advancing the conversation around software supply chain security – but SBOMs are just the tip of the iceberg, and quite possibly, not even the most interesting or promising part. Cisco distinguished engineer Ed Warnicke and Cisco technical marketing engineer Michael Chenetz were joined by Aeva Black, OmniBor Project – Microsoft, Brandon Lum, Guac and Google, Dan Lorenc, Wolfi/Chainguard, and Cole Kennedy, TestifySec.
DataTrails: Sharing and Verifying Immutable Audit Trails
To share an immutable audit trail, you can do this with a link or a QR code that is automatically created when provenance and authenticity metadata is recorded in your DataTrails account. After you sign in to your DataTrails account on your smartphone, Anyone can use Instaproof or the DataTrails API to verify the authenticity, provenance and audit trails of public images.
How to Easily Generate An Accurate Software Bill of Materials (SBOM) with Black Duck | Synopsys
Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain. Watch the video to streamline your SBOM generation process and take control of your software supply chain.