Showing posts with tag: #SBOM


jeffluszcz

Up next in my SBOM Skills series: 99% of the news is not on the front page! What are you missing by not tracking your "Below the Fold" SBOMs?

How and why you should find and manage the containers, infrastructure and middleware pieces that most SBOMs are missing.

Read more here:
zebracatzebra.com/sbom-skills/


Tags: #oss #opensource #softwaresupplychainsecurity #SBOM


Likes: 0

Replies: 0

Boosts: 0

jeffluszcz

What lessons can we learn from 20 years of managing invisible cut and pastes of Open Source code and how can we apply them to managing code generated by AI tools?
zebracatzebra.com/oss/what-20-


Tags: #ai #SBOM #softwaresupplychainsecurity #opensource


Likes: 0

Replies: 0

Boosts: 0

jeffluszcz

Kicking off my new SBOM Skills Series with 'How Falsehoods, Folklore and Foul-ups hurt your SBOM'. What causes the problems your users will see in your SBOM? How can you get ahead of them? See how in my new article: zebracatzebra.com/sbom-skills/


Tags: #SBOM #supplychain #opensource


Likes: 0

Replies: 0

Boosts: 0

jeffluszcz

Getting an SBOM produced that you can stand behind and that won’t embarrass you or get you in trouble can be difficult at first. There are a few common areas that SBOMs will have problems in. These include Completeness, Depth, Unremediated Vulnerabilities, Open Source License Violations, and Over Delivery.
Each of these areas can cause rework, missed deadlines, loss of sales and even legal problems. Let's dive into what these are and techniques to fix them! zebracatzebra.com/oss/your-fir


Tags: #SBOM


Likes: 0

Replies: 0

Boosts: 0