SBOM X-Ray Superpowers: Making Better SBOMs and Using SBOMs
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Discover how to enhance Software Bill of Materials (SBOM) creation and utilization in this informative conference talk. Explore the challenges of generating accurate and complete SBOMs while maintaining usability. Learn about the limitations of current Software Composition Analysis (SCA) based SBOM generation tools and their blind spots. Gain insights into a novel approach called "SBOM X-ray vision" that helps fill gaps in SBOM information. Understand how the Rekor transparency log and In-toto attestations can be leveraged to share SBOM data across projects using native CI integrations. Watch a demonstration of these new capabilities in action through the Syft tool, showcasing how to generate more comprehensive SBOMs. Enhance your understanding of SBOM creation and usage to improve software security and vulnerability response.
Syllabus
SBOM X-Ray Superpowers: Making Better SBOMs, Using SBOMs - Brandon Lum& Chris Phillips
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube