Why Building Your Ship with Raw Materials is a Bad Idea

Discover the importance of software bill of materials (SBOMs) and the challenges of using open source code in application development in this 34-minute Devoxx conference talk. Explore the implications of new legislation surrounding SBOMs, the risks of using unverified code, and the concept of "raw materials" in software development. Learn about best practices for creating secure, robust, and compliant applications, including the use of software composition analysis and static analysis tools. Gain insights into the types of applications that may not be suitable for open source code and understand how to navigate the complex landscape of software security and compliance. Walk away with practical strategies to ensure your applications remain secure and compliant while leveraging the benefits of open source software.

Introduction
About Sonotype
About Open Source
Problems with Open Source
Software Composition Analysis
Scary Facts
Legislation
Sbombs
Security
Raw Materials
Static Analysis Tools
Check your dependencies
Useful links
Get in touch
Outro