SPDX

Join the #linux community on Oct. 11 for an #ELISASeminar that focuses on the Road to Safe Space Exploration presented by Ivan Perez Dominguez, Senior Research Scientist at @NASAAmes. Learn more & register: hubs.la/Q024fssH0 @ProjectElisa @NASA #opensource #ELISAProject

#SBOM alone may not encode enough detail to separate non-exploitable vulnerabilities from exploitable ones writes Surendra Pathak in our latest guest blog on VDR, VEX, OpenVEX & CSAF openssf.org/blog/2023/09/0…

Cisco announces SBOMs for recent @cisco products. Great @jefschut blog highlighting 1) the importance of transparency, 2) acknowledging that #SBOM implementation will be a journey, but that 3) we all have to start now for better #supplychain security blogs.cisco.com/security/demon…

.@SPDX_SBOM v3.0 is in the works, and it's expected to include several major changes from the current v2.3. Get an early look at what to expect — such as support for emerging BOM use cases like AI and data — in our new blog. #SBOM @SPDXTeam fossa.com/blog/spdx-3-0/

Fun! A think tank analysis combines my passion for both Taylor Swift and #SBOM. Nice job by @DFRLab & @AtlanticCouncil @CyberStatecraft for unpacking some of the common (and dare we say imperfect) concerns about SBOM from beltway lobbyists. dfrlab.org/2023/07/19/why…

Providing Transparency at Software Development’s core process: build time by @lumjjb and @_ctlfsh spdx.lfprojects.linuxfoundation.org/providing-tran…

Excellent summary of what the team got up to during the SPDX Minisummit last month!

I look forward to attending the SBOM-a-rama next week in Los Angeles, hosted by the @CISAgov. @theopenssf and @spdxteam believe SBOMs are a core part of securing our Open Source supply chain. Let me know if you'll be there! cisa.gov/sbom-2023-agen…

If you don't submit a comment, the USPTO will make it easier and more profitable for patent trolls to target #opensource users with bogus claims.

Packed venue for @jzemlin’s opening keynote at #OSSummit in Vancouver, BA 🇨🇦

Excited to get the perspectives of @_kate_stewart and @chrisblask on what the world will look like when #SBOM is ubiquitous.

Software #supplychain transparency is emerging w/ #SBOMs. In this @RSAConference talk on April 25 at 9:40 am, @linuxfoundation's @_kate_stewart & @cybeatstech's @chrisblask present best practices that improve IP control, lower operational costs & more: hubs.la/Q01MgNN80

📢bom v0.5.1 the @kubernetesio SPDX SBOM tool is out! This release embeds the @SPDXTeam license list to generate SBOMs in airgapped envs, adds support for apk packages + lots of bug fixes Big thanks to @sbs0x @developerguyba @rosejudge5 and @comedordexis for contributing!

🎉Excited to see that an SPDX SBOM can now be generated by a push of an export button! Thanks for making things easier for all the open source developers on @github! Awesome work @jhutchings0

Get the latest on the SBOM Everywhere working group from @joshbressers and @_kate_stewart in this new @theopenssf blog post. #sbom #security #opensource

Check out "Open Source Law Policy and Practice Book Panel" with Amanda Brock (@amandabrockUK), Jilayne Lovejoy (@jilaynelovejoy), Kate Stewart (@_kate_stewart ), Karen Sandler (@o0karen0o), Nithya Ruff (@nithyaruff) & Pamela Chestek (@pchestek) on YouTube! youtu.be/KaOE1J8ycJs

Shaheem Azmal and Gaurav Mizra from Siemens presenting how Fossology reads licensing information from source code at the @fosdem #SBOM devroom

Hearing from @nicpappler about plans to leverage SPDX for functional safety 🦺 @fosdem #SBOM devroom #FuSa

Joshua Watt from Garmin showcasing the upcoming @SPDXTeam build profile as part of his deep dive into build environment SBOMs in the @yoctoproject

If you're going to @OpenEmbeddedOrg's OE workshop on February 6 in Brussels, don't miss this talk by @Arm's Peter Hoyes about "Integrating #ZephyrRTOS using @yoctoproject." Learn more: hubs.la/Q01B51kg0 @ZephyrIoT #opensource #embedded #openembedded #RTOS