Explore the evolution and best practices of Software Bill of Materials (SBOM) management systems in this insightful 55-minute conference talk by Mark Gisi from Wind River Systems. Gain valuable insights from a decade-long journey of SBOM system development, starting with the introduction of SPDX in 2011 to the third-generation release in 2023. Learn how requirements have shifted from license compliance to software export compliance, and now to security-driven approaches. Discover key lessons, dos and don'ts, and compare different SBOM solutions available in the market. Benefit from an overview of open-sourced libraries and utilities that can enhance your own SBOM initiatives, and understand how functional safety may shape future developments in this critical area of software management.
Case Study - 10+ Years of Developing an SBOM System - Dos and Don'ts
Overview
Syllabus
Case Study: 10+ Years of Developing an SBOM System and the Dos and Don’ts - Mark Gisi
Taught by
Linux Foundation
Tags
Related Courses
-
SW360 SBOM - Managing Vulnerability Information, SPDX Documents and Dependency Networks
-
License Compliance and Security Management for Embedded Systems
-
We Built the Kubernetes SBOM and Now You Can Write Your Own
-
Leverage Kubernetes SPDX Tools to Create Your SBOM
-
Practical SBOM Management with Zephyr and SPDX
-
Open Source Encryption and Export Regulations - The New Compliance Frontier
