SBOM X-Ray Superpowers: Making Better SBOMs and Using SBOMs
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Discover how to enhance Software Bill of Materials (SBOM) creation and utilization in this informative conference talk. Explore the challenges of generating accurate and complete SBOMs while maintaining usability. Learn about the limitations of current Software Composition Analysis (SCA) based SBOM generation tools and their blind spots. Gain insights into a novel approach called "SBOM X-ray vision" that helps fill gaps in SBOM information. Understand how the Rekor transparency log and In-toto attestations can be leveraged to share SBOM data across projects using native CI integrations. Watch a demonstration of these new capabilities in action through the Syft tool, showcasing how to generate more comprehensive SBOMs. Enhance your understanding of SBOM creation and usage to improve software security and vulnerability response.
Syllabus
SBOM X-Ray Superpowers: Making Better SBOMs, Using SBOMs - Brandon Lum& Chris Phillips
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Inspecting Open Source Software Packages for Security and License CompliancePluralsight DevSecOps Fundamentals
Cybrary Effective Vulnerability Discovery with Machine Learning
Black Hat via YouTube The Devils in the Dependency - Data Driven Software Composition Analysis
Black Hat via YouTube Protect Yourself Against Supply Chain Attacks
NDC Conferences via YouTube