#sboms — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #sboms, aggregated by home.social.
-
Viele Java-Teams wissen nicht, welche Libraries wirklich produktiv laufen — bis die nächste #Log4Shell auftaucht. #SBOMs schaffen Transparenz über Abhängigkeiten & Risiken.
Sven Ruppert zeigt die Praxis:
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-1/
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-2/ -
Viele Java-Teams wissen nicht, welche Libraries wirklich produktiv laufen — bis die nächste #Log4Shell auftaucht. #SBOMs schaffen Transparenz über Abhängigkeiten & Risiken.
Sven Ruppert zeigt die Praxis:
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-1/
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-2/ -
Viele Java-Teams wissen nicht, welche Libraries wirklich produktiv laufen — bis die nächste #Log4Shell auftaucht. #SBOMs schaffen Transparenz über Abhängigkeiten & Risiken.
Sven Ruppert zeigt die Praxis:
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-1/
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-2/ -
Viele Java-Teams wissen nicht, welche Libraries wirklich produktiv laufen — bis die nächste #Log4Shell auftaucht. #SBOMs schaffen Transparenz über Abhängigkeiten & Risiken.
Sven Ruppert zeigt die Praxis:
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-1/
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-2/ -
Viele Java-Teams wissen nicht, welche Libraries wirklich produktiv laufen — bis die nächste #Log4Shell auftaucht. #SBOMs schaffen Transparenz über Abhängigkeiten & Risiken.
Sven Ruppert zeigt die Praxis:
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-1/
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-2/ -
Third-Party Notices (TPNs) are often the only verifiable record when source code or #SBOMs are inaccessible, yet they’re usually trapped in unstructured PDFs.
A new guest blog by Devashri Datta discusses transforming TPNs into "Security Intelligence."
-
Third-Party Notices (TPNs) are often the only verifiable record when source code or #SBOMs are inaccessible, yet they’re usually trapped in unstructured PDFs.
A new guest blog by Devashri Datta discusses transforming TPNs into "Security Intelligence."
-
Third-Party Notices (TPNs) are often the only verifiable record when source code or #SBOMs are inaccessible, yet they’re usually trapped in unstructured PDFs.
A new guest blog by Devashri Datta discusses transforming TPNs into "Security Intelligence."
-
Third-Party Notices (TPNs) are often the only verifiable record when source code or #SBOMs are inaccessible, yet they’re usually trapped in unstructured PDFs.
A new guest blog by Devashri Datta discusses transforming TPNs into "Security Intelligence."
-
Third-Party Notices (TPNs) are often the only verifiable record when source code or #SBOMs are inaccessible, yet they’re usually trapped in unstructured PDFs.
A new guest blog by Devashri Datta discusses transforming TPNs into "Security Intelligence."
-
Again for the evening (CET) crowd:
The recording from NYC*BUG (Properly pronounced "Nice Bug") Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: https://youtu.be/HOCsvcCm1Ec
Peertube: https://toobnix.org/w/bQPtKXKqJMdeYDbzhrrkEa#bookofpf #OpenBSD #freebsd #packetfilter #EUCRA #CRA #SBOMS #dependency #supplychain #security @nostarch
-
Again for the evening (CET) crowd:
The recording from NYC*BUG (Properly pronounced "Nice Bug") Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: https://youtu.be/HOCsvcCm1Ec
Peertube: https://toobnix.org/w/bQPtKXKqJMdeYDbzhrrkEa#bookofpf #OpenBSD #freebsd #packetfilter #EUCRA #CRA #SBOMS #dependency #supplychain #security @nostarch
-
Again for the evening (CET) crowd:
The recording from NYC*BUG (Properly pronounced "Nice Bug") Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: https://youtu.be/HOCsvcCm1Ec
Peertube: https://toobnix.org/w/bQPtKXKqJMdeYDbzhrrkEa#bookofpf #OpenBSD #freebsd #packetfilter #EUCRA #CRA #SBOMS #dependency #supplychain #security @nostarch
-
Again for the evening (CET) crowd:
The recording from NYC*BUG (Properly pronounced "Nice Bug") Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: https://youtu.be/HOCsvcCm1Ec
Peertube: https://toobnix.org/w/bQPtKXKqJMdeYDbzhrrkEa#bookofpf #OpenBSD #freebsd #packetfilter #EUCRA #CRA #SBOMS #dependency #supplychain #security @nostarch
-
Again for the evening (CET) crowd:
The recording from NYC*BUG (Properly pronounced "Nice Bug") Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: https://youtu.be/HOCsvcCm1Ec
Peertube: https://toobnix.org/w/bQPtKXKqJMdeYDbzhrrkEa#bookofpf #OpenBSD #freebsd #packetfilter #EUCRA #CRA #SBOMS #dependency #supplychain #security @nostarch
-
Andrew Nesbitt takes us on a thrilling journey through the dazzling world of #lockfiles, asking the earth-shattering question: could they be SBOMs? 🚀✨ Spoiler alert: the answer is yes, but in formats as unique as snowflakes. ❄️ Meanwhile, the rest of the world waits with bated breath for the EU to dictate our digital lives! 🇪🇺🔒
https://nesbitt.io/2025/12/23/could-lockfiles-just-be-sboms.html #SBOMs #digitaltransformation #EUregulations #cybersecurity #HackerNews #ngated -
Andrew Nesbitt takes us on a thrilling journey through the dazzling world of #lockfiles, asking the earth-shattering question: could they be SBOMs? 🚀✨ Spoiler alert: the answer is yes, but in formats as unique as snowflakes. ❄️ Meanwhile, the rest of the world waits with bated breath for the EU to dictate our digital lives! 🇪🇺🔒
https://nesbitt.io/2025/12/23/could-lockfiles-just-be-sboms.html #SBOMs #digitaltransformation #EUregulations #cybersecurity #HackerNews #ngated -
Andrew Nesbitt takes us on a thrilling journey through the dazzling world of #lockfiles, asking the earth-shattering question: could they be SBOMs? 🚀✨ Spoiler alert: the answer is yes, but in formats as unique as snowflakes. ❄️ Meanwhile, the rest of the world waits with bated breath for the EU to dictate our digital lives! 🇪🇺🔒
https://nesbitt.io/2025/12/23/could-lockfiles-just-be-sboms.html #SBOMs #digitaltransformation #EUregulations #cybersecurity #HackerNews #ngated -
Andrew Nesbitt takes us on a thrilling journey through the dazzling world of #lockfiles, asking the earth-shattering question: could they be SBOMs? 🚀✨ Spoiler alert: the answer is yes, but in formats as unique as snowflakes. ❄️ Meanwhile, the rest of the world waits with bated breath for the EU to dictate our digital lives! 🇪🇺🔒
https://nesbitt.io/2025/12/23/could-lockfiles-just-be-sboms.html #SBOMs #digitaltransformation #EUregulations #cybersecurity #HackerNews #ngated -
🧑🌾 bomctl makes SBOMs easier to work with by handling format and version differences for you. Convert between SPDX and CycloneDX, upgrade spec versions, and link #SBOMs across suppliers and systems.
Watch the OpenSSF Project Spotlight about #bomctl: https://youtu.be/Tax1pNaySYQ?si=98Cg8V73m7uHzTMu
-
🧑🌾 bomctl makes SBOMs easier to work with by handling format and version differences for you. Convert between SPDX and CycloneDX, upgrade spec versions, and link #SBOMs across suppliers and systems.
Watch the OpenSSF Project Spotlight about #bomctl: https://youtu.be/Tax1pNaySYQ?si=98Cg8V73m7uHzTMu
-
🧑🌾 bomctl makes SBOMs easier to work with by handling format and version differences for you. Convert between SPDX and CycloneDX, upgrade spec versions, and link #SBOMs across suppliers and systems.
Watch the OpenSSF Project Spotlight about #bomctl: https://youtu.be/Tax1pNaySYQ?si=98Cg8V73m7uHzTMu
-
🧑🌾 bomctl makes SBOMs easier to work with by handling format and version differences for you. Convert between SPDX and CycloneDX, upgrade spec versions, and link #SBOMs across suppliers and systems.
Watch the OpenSSF Project Spotlight about #bomctl: https://youtu.be/Tax1pNaySYQ?si=98Cg8V73m7uHzTMu
-
🧑🌾 bomctl makes SBOMs easier to work with by handling format and version differences for you. Convert between SPDX and CycloneDX, upgrade spec versions, and link #SBOMs across suppliers and systems.
Watch the OpenSSF Project Spotlight about #bomctl: https://youtu.be/Tax1pNaySYQ?si=98Cg8V73m7uHzTMu
-
I chat with @mbarbero about security happenings at the @EclipseFdn
My favorite project they have is helping projects generate #SBOMs, but there's a lot happening. If you want to see some public examples of how to do security right, give it a listen!
https://opensourcesecurity.io/2025/2025-10-eclipse-sbom-mikael-barbero/
-
I chat with @mbarbero about security happenings at the @EclipseFdn
My favorite project they have is helping projects generate #SBOMs, but there's a lot happening. If you want to see some public examples of how to do security right, give it a listen!
https://opensourcesecurity.io/2025/2025-10-eclipse-sbom-mikael-barbero/
-
I chat with @mbarbero about security happenings at the @EclipseFdn
My favorite project they have is helping projects generate #SBOMs, but there's a lot happening. If you want to see some public examples of how to do security right, give it a listen!
https://opensourcesecurity.io/2025/2025-10-eclipse-sbom-mikael-barbero/
-
I chat with @mbarbero about security happenings at the @EclipseFdn
My favorite project they have is helping projects generate #SBOMs, but there's a lot happening. If you want to see some public examples of how to do security right, give it a listen!
https://opensourcesecurity.io/2025/2025-10-eclipse-sbom-mikael-barbero/
-
I chat with @mbarbero about security happenings at the @EclipseFdn
My favorite project they have is helping projects generate #SBOMs, but there's a lot happening. If you want to see some public examples of how to do security right, give it a listen!
https://opensourcesecurity.io/2025/2025-10-eclipse-sbom-mikael-barbero/
-
Our next #JCON2025 session is live: 'SBOMs Are Not Enough' with Brian Demers
Software Bill of Materials #SBOMs have emerged as a #critical component of #software supply chain #security, promising transparency about the #dependencies in our…
Grab your coffee and hit play: https://youtu.be/4jtf9ATNyx8
-
Our next #JCON2025 session is live: 'SBOMs Are Not Enough' with Brian Demers
Software Bill of Materials #SBOMs have emerged as a #critical component of #software supply chain #security, promising transparency about the #dependencies in our…
Grab your coffee and hit play: https://youtu.be/4jtf9ATNyx8
-
Our next #JCON2025 session is live: 'SBOMs Are Not Enough' with Brian Demers
Software Bill of Materials #SBOMs have emerged as a #critical component of #software supply chain #security, promising transparency about the #dependencies in our…
Grab your coffee and hit play: https://youtu.be/4jtf9ATNyx8
-
Our next #JCON2025 session is live: 'SBOMs Are Not Enough' with Brian Demers
Software Bill of Materials #SBOMs have emerged as a #critical component of #software supply chain #security, promising transparency about the #dependencies in our…
Grab your coffee and hit play: https://youtu.be/4jtf9ATNyx8
-
Our next #JCON2025 session is live: 'SBOMs Are Not Enough' with Brian Demers
Software Bill of Materials #SBOMs have emerged as a #critical component of #software supply chain #security, promising transparency about the #dependencies in our…
Grab your coffee and hit play: https://youtu.be/4jtf9ATNyx8
-
Next week I will attend to #osseu 2025 from @linuxfoundation to talk about osskb.org , the service that allow OSS devs and projects to detect open source software, so they can curate it, then create accurate and complete #sboms with their tooling of choice, in a reasonable amount of time https://osseu2025.sched.com/event/25VuV/the-sbom-era-leaving-no-open-source-project-behind-with-osskborg-agustin-benito-bethencourt-toscalix-consulting-matias-daloia-scanoss?iframe=no
-
Next week I will attend to #osseu 2025 from @linuxfoundation to talk about osskb.org , the service that allow OSS devs and projects to detect open source software, so they can curate it, then create accurate and complete #sboms with their tooling of choice, in a reasonable amount of time https://osseu2025.sched.com/event/25VuV/the-sbom-era-leaving-no-open-source-project-behind-with-osskborg-agustin-benito-bethencourt-toscalix-consulting-matias-daloia-scanoss?iframe=no
-
Next week I will attend to #osseu 2025 from @linuxfoundation to talk about osskb.org , the service that allow OSS devs and projects to detect open source software, so they can curate it, then create accurate and complete #sboms with their tooling of choice, in a reasonable amount of time https://osseu2025.sched.com/event/25VuV/the-sbom-era-leaving-no-open-source-project-behind-with-osskborg-agustin-benito-bethencourt-toscalix-consulting-matias-daloia-scanoss?iframe=no
-
Next week I will attend to #osseu 2025 from @linuxfoundation to talk about osskb.org , the service that allow OSS devs and projects to detect open source software, so they can curate it, then create accurate and complete #sboms with their tooling of choice, in a reasonable amount of time https://osseu2025.sched.com/event/25VuV/the-sbom-era-leaving-no-open-source-project-behind-with-osskborg-agustin-benito-bethencourt-toscalix-consulting-matias-daloia-scanoss?iframe=no
-
Next week I will attend to #osseu 2025 from @linuxfoundation to talk about osskb.org , the service that allow OSS devs and projects to detect open source software, so they can curate it, then create accurate and complete #sboms with their tooling of choice, in a reasonable amount of time https://osseu2025.sched.com/event/25VuV/the-sbom-era-leaving-no-open-source-project-behind-with-osskborg-agustin-benito-bethencourt-toscalix-consulting-matias-daloia-scanoss?iframe=no
-
Great podcast to learn how open source assessment is leveraged in mergers and aquisitions, and the value of SBOM for license compliance: My Open Source Experience Podcast: From Law to OSPOs https://shows.acast.com/my-open-source-experience-podcast/episodes/from-law-to-ospos-my-open-source-experience-podcast #OpenSource #SBOMs #podcast