Explore the concept of Code Genome, a revolutionary approach to fingerprinting code for building trustworthy Software Bills of Materials (SBOMs), in this informative conference talk by Ian Molloy and Jiyong Jang from IBM Research. Delve into the challenges of trusting code in today's software landscape and understand how SBOMs are used to assess risks associated with software components and dependencies. Learn about the limitations of current SBOM generation tools and discover how Code Genome addresses these issues by creating semantically meaningful fingerprints of code functionality. Gain insights into the improved capabilities and scalability of Code Genome, including its ability to generate and verify SBOMs without source code access through a large knowledge graph of open source software. Examine how this innovative technology can fingerprint code across various sources and binaries, identify software components, and contribute to securing the software supply chain. Get a glimpse of the planned public service that will allow developers to scan and analyze code using Code Genome.
Code Genome - Fingerprinting Code to Build Trustworthy SBOMs
Overview
Syllabus
Code Genome - Fingerprinting Code to Build Trustworthy SBOMs - Ian Molloy & Jiyong Jang, IBM
Taught by
Linux Foundation
Tags
Related Courses
-
SBOMs That You Can Trust - The Good, the Bad, and the Ugly
-
Securing the Software Supply Chain - SBOMs and Their Impact
-
Auto Generate SBOMs for Open Source Projects in Any Language and Platform
-
Leveraging SBOMs to Automate Packaging, Transfer, and Reporting of Dependencies Between Secure Environments
-
The Evolution of SBOMs in AlmaLinux
-
Lessons Learned from Generating 100M SBOMs - Google's Approach to SBOM Compliance
