Explore the SW360 software project for managing license compliance information and software bill-of-materials (SBOM) in this informative conference talk. Learn about SW360's evolution from its initial focus on SPDX information for products and projects to its expanded capabilities in vulnerability management, trade compliance assessment, and automated SBOM information handling through REST API. Discover how SW360 supports product approval processes by importing license obligations from the OSADL license checklist. Gain insights into SW360's architecture and witness demonstrations of its latest features, including vulnerability registration, SPDX input/output, and open-source software dependency management. Understand how SW360 streamlines the management of third-party components in software development and enhances overall compliance and security processes.
SW360 SBOM - Managing Vulnerability Information, SPDX Documents and Dependency Networks
Overview
Syllabus
SW360 SBOM: Managing Vulnerability Information, SPDX Documents and New Depen... Kouki Hama & Tien Le
Taught by
Linux Foundation
Tags
Related Courses
-
License Compliance and Security Management for Embedded Systems
-
Leverage Kubernetes SPDX Tools to Create Your SBOM
-
Practical SBOM Management with Zephyr and SPDX
-
Case Study - 10+ Years of Developing an SBOM System - Dos and Don'ts
-
SPDX 3.0 Update
-
We Built the Kubernetes SBOM and Now You Can Write Your Own
