Leveraging SBOMs to Automate Packaging, Transfer, and Reporting of Dependencies Between Secure Environments
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore an innovative approach to utilizing Software Bill of Materials (SBOMs) in a conference talk from KubeCon + CloudNativeCon Europe. Learn how Lockheed Martin leverages the CycloneDX Specification as a packaging standard to validate and transfer assets across network boundaries, particularly in secure environments with strict controls. Discover how this method enables development teams to update build dependencies without network connectivity and create "seeding" deployments for Cloud Native infrastructure. Witness a demonstration of Hoppr, an open-source tool with an extendable plugin architecture, designed for security validation and multi-team transfers using CycloneDX SBOMs. Gain insights into collecting items based on purls, running validation, and creating transfers for secure environments in this 26-minute presentation by Ian Dunbar-Hall and Jerod Heck.
Syllabus
Leveraging SBOMS to Automate Packaging, Transfer, and Reporting of D... Ian Dunbar-Hall & Jerod Heck
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
The IT Ops Sessions: Generating a Software Bill of Materials for Docker ImagesPluralsight Bringing Service Security to a New Level - An Introduction to SaaSBOMs
Linux Foundation via YouTube How Software Transparency Can Help Save the World
Security BSides San Francisco via YouTube DBOM and SBOM - New Options for Better Supply Chain Cybersecurity
RSA Conference via YouTube How Do You Know You're Done After a Security Fix - Leveraging SBOM Data
Linux Foundation via YouTube