SW360 SBOM - Managing Vulnerability Information, SPDX Documents and Dependency Networks
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the SW360 software project for managing license compliance information and software bill-of-materials (SBOM) in this informative conference talk. Learn about SW360's evolution from its initial focus on SPDX information for products and projects to its expanded capabilities in vulnerability management, trade compliance assessment, and automated SBOM information handling through REST API. Discover how SW360 supports product approval processes by importing license obligations from the OSADL license checklist. Gain insights into SW360's architecture and witness demonstrations of its latest features, including vulnerability registration, SPDX input/output, and open-source software dependency management. Understand how SW360 streamlines the management of third-party components in software development and enhances overall compliance and security processes.
Syllabus
SW360 SBOM: Managing Vulnerability Information, SPDX Documents and New Depen... Kouki Hama & Tien Le
Taught by
Linux Foundation
Tags
Related Courses
The A's, B's, and Four C's of Testing Cloud-Native ApplicationsLASCON via YouTube A Different Kind of S3 - First Line Security of the Supply Chain
Linux Foundation via YouTube Accountability Taxonomy for AI Software Bill of Materials
Linux Foundation via YouTube Activities in Japan and 10 Streams of OSS Security Mobilization Plan
OpenSSF via YouTube Addressing Security Issues Before Production with Docker Scout
Docker via YouTube