Hello World+ Projects to Test and Benchmark Software Composition Analysis Tools
Eclipse Foundation via YouTube
Overview
Learn about testing and benchmarking Software Composition Analysis (SCA) tools through a 30-minute conference talk that explores the creation of Hello World+ projects. Discover Bosch's experience managing diverse programming environments and their approach to evaluating SCA tools for vulnerability detection, license compliance, and SBOM generation. Understand the significance of tool assessment in light of upcoming EU Cyber Resilience Act requirements, and explore a proposed framework presented at the OpenChain Tooling Group for testing SCA tools across different programming languages and package managers.
Syllabus
Hello World+ projects to test and benchmark software composition analysis tools - OCX 2024
Taught by
Eclipse Foundation