RobMarion/sbom-pocs
SBoM PoCs and Strategies

This is a work in progress.

Software supply chain issues have come to the forefront of the security world's consciousness ever since the SolarWinds hack of 2020. As a direct consequence, a United States Presidential Executive Order (excerpted below) and additional pending legislation, not only in the US but also in Europe (the Cyber Resilience Act), have mandated better accountability in determining which components make up a software product. This document demonstrates some practical strategies for implementing a Software Bill of Materials (SBoM). At the time of its conception, the practical implementation of an SBoM had not been fully considered. One serious concern is the speed with which third-party components change, and with it the rate at which newly discovered vulnerabilities in those components are introduced into a product.

All code snippets are MIT licensed.