Learn about the current challenges and future potential of Software Bill of Materials (SBOMs) in this 29-minute conference talk from OpenSSF. Explore why end users struggle with SBOM implementation, including issues of inconsistent formats, insufficient guidance, and limited tooling options. Discover how current regulations can be satisfied with minimal effort, such as empty JSON files or basic word documents, highlighting the gap between compliance and practical utility. Examine ongoing initiatives to enhance SBOM practices through OpenSSF projects like Protobom and bomctl, which aim to provide essential tooling for end users. Gain insights into the collaborative efforts between specification designers, regulators, and developers working to transform SBOMs from mere regulatory requirements into valuable tools for effective software management and security.
The Current State of Software Bill of Materials (SBOMs) for End Users
Overview
Syllabus
The Current State of SBOMs for End Users - Eddie Zaneski, Defense Unicorns
Taught by
OpenSSF
Related Courses
-
SBOMs Go Global: Current State and Emerging Trends
-
What's New in the World of SBOMs?
-
The Missing Link: How to Collect and Leverage Software Bill of Materials (SBOMs)
-
SBOMs Everywhere - Work in Progress and Challenges Ahead
-
Software Bill of Materials (SBOM) in Kubernetes - Best Practices and Approaches
-
The State of SBOMs
