Skip to main content

Search

Items tagged with: sbom

🐸 📺 Live-Streams (+Re-Live) – FrOSCon 19 (Free and Open Source Software Conference)

streaming.media.ccc.de/froscon…

@FOSS - Freie Software

Programm und "Thematische Schwerpunkte

Froscon-Startseite - Maskottchen ist ein Frosch

Wir bieten Vorträge zu aktuellen Entwicklungen aus dem gesamten Bereich der Freien Software und Open Source. Regelmäßig mit dabei sind z.B. die folgenden Themen:

  • Betriebssysteme
  • Entwicklung
  • Administration
  • #Sicherheit
  • Rechtliche Fragen
  • Desktop
  • #Bildung
  • Cloud

Jedes Jahr haben wir auch besondere Schwerpunkte. FĂźr 2024 sind das:

  • In #Rust we trust – Memory safe languages
  • Grow your own – Open Source #Pflanzenbau
  • #SBOM – Lieferkettensicherheit in OSS
  • Thinking outside the stack – eBPF und Freunde
  • Bridging the Gap between politics and reality – Lobbying fĂźr freie Software
  • AI AI, captain – #LLM, machine learning & Co."

#Froscon #Froscon2024 #FOSS #OpenSource

#foss #Bildung #opensource #rust #froscon #Sicherheit #sbom #llm #Pflanzenbau #Froscon2024 @FOSS - Freie Software

With regard to xz backdoor, did anyone actually have any idea this was going on? With all these vendors doing source code scanning, was there any indication of maliciousness?

#OSS #Security #SBOM #xz

#security #OSS #sbom #xz

Episode 364 of the #osspodcast in which Kurt had bad shwarma, @joshbressers agrees that good shwarma is great, and we learn that it's also hard to know what's in your software even if you do #SBOM https://opensourcesecurity.io/2023/02/26/episode-364-using-sboms-is-hard/ TL;DR: We got different kinds of SBOM, SBOM drift, services and APIs, and then there some complicated problems on top of all that. Also legal obligations.

Episode 364 – Using SBOMs is hard

Josh and Kurt talk about SBOMs. Quite a bit has happened in the world of SBOMs in the last year or so. There are going to be different types of SBOMs, like build, source, or runtime. Each will tell…
Open Source Security
#OSSPodcast #sbom @Josh Bressers

The new Omnibus Bill in the US Senate includes a requirement to "provide to the Secretary a software bill of materials, including commercial, open-source, and off-the-shelf software components" for medical devices.

https://www.appropriations.senate.gov/imo/media/doc/JRQ121922.PDF

If you're not already looking into ways to generate an #SBOM for your product or #OpenSource project, you need to start now, no matter the industry.

/ht Dick Brooks for the pointer
#opensource #sbom

⇧