#softwarebillofmaterials — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #softwarebillofmaterials, aggregated by home.social.
-
Global Agencies Unveil AI Supply Chain Risk Guidance with SBOMs
Global agencies have joined forces to release groundbreaking guidance on AI supply chain risk, outlining minimum elements for Software Bill of Materials (SBOMs) to enhance security and transparency. This crucial step forward aims to tackle the complex challenges of measuring and defining AI risks across organizations.
#AiSupplyChain #SoftwareBillOfMaterials #Sbom #ArtificialIntelligence #G7
-
G7 Guidance Sets AI Security Standards
The G7 has set a new benchmark for AI security with the release of voluntary guidelines, outlining the minimum requirements for transparency around AI system components. This move aims to establish a common baseline for the industry, promoting trust and safety in the rapidly evolving AI landscape.
https://osintsights.com/g7-guidance-sets-ai-security-standards?utm_source=mastodon&utm_medium=social
#AiSecurity #G7 #Cisa #ArtificialIntelligence #SoftwareBillOfMaterials
-
AI-BOMs Tackle Shadow AI Risks in Enterprise Supply Chains
Imagine biting into a cake without knowing the recipe, ingredients, or who's behind the baking - it's a risk you wouldn't take, right? Similarly, without AI-BOMs, enterprises are left in the dark about the AI components powering their supply chains, leaving them vulnerable to shadow AI risks.
#Aiboms #SupplyChain #EnterpriseSecurity #ArtificialIntelligence #SoftwareBillOfMaterials
-
EU CRA: It's Later Than You Think, Time to Engineer Up! https://nxdomain.no/~peter/eu_cra_its_later_than_you_think_time_to_engineer_up.html (or tracked https://bsdly.blogspot.com/2025/09/eu-cra-its-later-than-you-think-time-to.html) It's about upping your engineering game! -- a workshop article with hands on parts #developement #EUCRA #CRA #cyberresilienceact #sbom #softwarebillofmaterials #engineering #quality #freesoftware #libresoftware #dependencies #dependencymanagement
-
SBOM management and generation: How Sonatype leads in software supply chain visibility – Source: securityboulevard.com https://ciso2ciso.com/sbom-management-and-generation-how-sonatype-leads-in-software-supply-chain-visibility-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #softwarebillofmaterials #CyberSecurityNews #SecurityBoulevard #ForresterWave #ForresterSCA #Forrester #SBOM
-
Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition – Source: securityboulevard.com https://ciso2ciso.com/preparing-for-pci-dss-4-0-how-sonatype-sbom-manager-can-streamline-and-accelerate-your-transition-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #softwarebillofmaterials #CyberSecurityNews #SecurityBoulevard #Risk&Compliance #SBOMManager #Compliance #Governance #SBOM #pci
-
What are SBOMs?
A new post on my blog. Basics on the topic of SBOMs.
#bom #sbom #sboms #software #softwaredevelopment #softwarebillofmaterials #SoftwareBillsofMaterialSBOMs #dev #devops #development #developer #blog #cybersecurity #security #cyclonedx #spdx #vex
-
What are SBOMs?
A new post on my blog. Basics on the topic of SBOM.
#bom #sbom #sboms #software #softwaredevelopment #softwarebillofmaterials #SoftwareBillsofMaterialSBOMs #dev #devops #development #developer #blog #cybersecurity #security #cyclonedx #spdx #vex
-
Bloggingsaturday?
"Playing with the open source fire"?
The wording bothered me massively, so I wrote a blog entry about it.
#SBOM #SBOMs #opensource #security #softwarebillofmaterials #linux #spdx #cyclonedx #owasp #linuxfoundation
-
Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update – Source: securityboulevard.com https://ciso2ciso.com/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #softwarebillofmaterials #DepartmentofDefense #softwaresupplychain #CyberSecurityNews #SecurityBoulevard #DevSecOps #DevOps #SBOM
-
🔍 Many of us rely on CI/CD and automated tests.
🛡️ But often, license compliance is overlooked.
📜 Compliance isn't just about CVE scans and test reports, it's also about license management.
🚀 With the right tools, you can integrate license compliance into your DevOps processes seamlessly.
📅 Schedule a chat to discuss more: https://outlook.office.com/bookwithme/user/[email protected]?anonymous&ep=pcard
#Compliance #CICD #AzureDevOps #MicrosoftAzure #LicenseManagement #SBOM #SoftwareBillOfMaterials #CVE #ContinuousIntegration
-
This week I joined @jodywestby on @AssociationDCG’s Cybersecurity & Privacy Podcast to explore the role of SBOMs in cybersecurity, limits to their effectiveness, advancements and much more.
-
Automating and maintaining SBOMs – Source: securityboulevard.com https://ciso2ciso.com/automating-and-maintaining-sboms-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #softwarebillofmaterials #CyberSecurityNews #SecurityBoulevard #automation #SBOM
-
Xeol is a scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs (Software Bill of Materials).
https://github.com/xeol-io/xeol
#Xeol #Scanner #EndOfLife #EOL #ContainerImages #Filesystems #SBOM #SoftwareBillOfMaterials #DevOps #Cybersecurity
-
Secure your #containers with tutelage from @Jonzeolla from #Seiso at @codeandsupply on Tuesday, November 28. In this lab, you'll get hands-on with containers, learn how to examine them for common mistakes, and then add in some #security controls like container image signing, create a #SoftwareBillofMaterials #SBOM and run #vulnerability scans.
It costs $50 and includes dinner.
RSVP here: https://www.meetup.com/pittsburgh-code-supply/events/297107969/
-
"They can request SBOMs til they're blue in the face, but there’s no framework in place for enforcement."
- @webjedi in my writeup of #SBOM-a-rama:
https://www.techtarget.com/searchitoperations/news/366542018/CISA-SBOM-standards-efforts-stymied-by-confusion-inertia#softwaresupplychain #cybersecurity @CISAgov
#CISA #NTIA #NIST #FDA #softwaresupplychainsecurity #supplychainsecurity #softwarebillofmaterials #cloud #cloudsecurity #security #infrastructure #cloudnative #cloudnativesecurity #sbomarama