Hello World+ Projects to Test and Benchmark Software Composition Analysis Tools
Eclipse Foundation via YouTube
Overview
Learn about testing and benchmarking Software Composition Analysis (SCA) tools through a 30-minute conference talk that explores the development of Hello World+ projects. Discover Bosch's experience managing diverse programming environments and their approach to evaluating SCA tools for vulnerability detection, license compliance, and SBOM creation. Understand the significance of SCA tool assessment in light of the upcoming EU Cyber Resilience Act requirements, and explore a proposed framework presented at the OpenChain Tooling Group for testing these tools across various programming languages and package managers.
Syllabus
Hello World+ projects to test and benchmark software composition analysis tools - OCX 2024
Taught by
Eclipse Foundation