Code Genome - Fingerprinting Code to Build Trustworthy SBOMs

Explore the concept of Code Genome, a revolutionary approach to fingerprinting code for building trustworthy Software Bills of Materials (SBOMs), in this informative conference talk by Ian Molloy and Jiyong Jang from IBM Research. Delve into the challenges of trusting code in today's software landscape and understand how SBOMs are used to assess risks associated with software components and dependencies. Learn about the limitations of current SBOM generation tools and discover how Code Genome addresses these issues by creating semantically meaningful fingerprints of code functionality. Gain insights into the improved capabilities and scalability of Code Genome, including its ability to generate and verify SBOMs without source code access through a large knowledge graph of open source software. Examine how this innovative technology can fingerprint code across various sources and binaries, identify software components, and contribute to securing the software supply chain. Get a glimpse of the planned public service that will allow developers to scan and analyze code using Code Genome.

Code Genome - Fingerprinting Code to Build Trustworthy SBOMs - Ian Molloy & Jiyong Jang, IBM