Back from #FOSDEM and working on the new European SBOM conference in Stockholm April 10th. Send me your ideas for talks!
#SBOM #CYCLONEDX #SPDX #POTATOSECURITY #CRA #EUCRA
Latest posts tagged with #SPDX on Bluesky
Back from #FOSDEM and working on the new European SBOM conference in Stockholm April 10th. Send me your ideas for talks!
#SBOM #CYCLONEDX #SPDX #CYBERSECURITY #CRA #EUCRA
The slides for my presentation "Please sign your artefacts. WITH WHAT?" at #FOSDEM in the Security devroom are now available for viewing. A video will be coming soon.
fosdem.org/2026/schedule/event/RFFD...
#SBOM #SPDX #CYCLONEDX #OWASP #CYBERSECURITY #PKILOVE #pki
At the #AboutCode SBOM tools workshop we talked about creating a way of continuing the discussions. I've just created a #SBOM-tools slack channel in the @orcwg space. Join us to discuss #SBOM tools and interoperability!
https://orcwg.org/participate/
#SBOM #CYCLONEDX #SPDX #PURL
The EU Cyber Resilience Act requires manufacturers to have an SBOM - but what does that mean? Last Friday we had a chat about the CRA and SBOMs and it turned out it wasn't easy to figure out.
Check the video at youtu.be/W-E55x8fPyY?...
#SBOM #EUCRA #CRA #SPDX #CYCLONEDX
PEP 770 was accepted in April of this year, what has happened since then?
sethmlarson.dev/pep-770-sbom...
#Python #SBOM #CycloneDX #SPDX #auditwheel #cibuildwheel
Updating license_scanner to 0.4! Now #Python package with #SPDX operators AND/OR will also work
medium.com/@nijhof.dns/...
We have now updated our packaging tutorial to include PEP 639, which enables SPDX-compliant licensing: python-basics-tutorial.readthedocs.io/en/latest/pa...
#Python #Packaging #SPDX #Licensing
Transparency is no longer optional in the software supply chain.
SBOM = visibility
SPDX = structure
SCA tools = speed + accuracy
Here’s why suppliers need both ➡️ scatool.com/resources/sb...
#SBOM #SPDX #SCA #Compliance
Your codebase called. It wants full ingredient labels. And it has to be packaged nicely.
New blog: “Understanding SPDX” → the ISO-approved SBOM recipe for cutting license + vuln chaos.
Read: scatool.com/resources/sb...
#SPDX #SBOM #SCATool #Opensoucesoftware
"It's more than just software now, it really is a system"—the insight driving the biggest evolution in supply chain security since SBOMs were invented.
Why SPDX 3.0 redesigne... anchore.com/blog/spdx-3-0-from-softw...
#SPDX #SBOM #SoftwareSupplyChain
You can't secure what you can't see—and traditional SBOMs can't see the connections where tomorrow's vulnerabilities hide.
How SPDX 3.0 transforms software inventory into sys... anchore.com/blog/spdx-3-0-from-softw...
#SPDX #SBOM #SoftwareSupplyChain
Today I found a tool for checking open source licenses 🔥
📜 feluda — Detect license usage restrictions in your project.
💯 Supports Rust, TS, JS, Go, Python & more!
🦀 Written in Rust & built with @ratatui.rs
⭐ GitHub: github.com/anistark/fel...
#rustlang #ratatui #tui #license #spdx #opensource
The most successful standards start by doing almost nothing.
HTTP in 1991: Just GET requests
HTTP today: Powers the entire internet
SBOMs in 2024: "Barely valid"
SBOMs in 2030...
anchore.com/blog/the-sbom-paradox-wh...
#SoftwareSupplyChain #SBOM #SPDX
It was a busy week in the Syft ecosystem! We merged fixes for #SPDX package filtering, resolved some tricky upstream package issues, and improved how we handle database errors.... anchorecommunity.discourse.group/t/anchore-open-source-we...
#SBOM #OpenSource #BugFix
cultivate(MD) Announces SPDx Acquisition: A Game Changer for Surgical Instrument Sterilization #USA #Grand_Rapids #cultivate(MD) #SPDx #Instrumentum
Zen of SBOM #4: "Completeness improves the usefulness of the SBOM"
#SBOM #CYCLONEDX #SPDX
Zen of SBOM #3: "DEPENDENCIES are like relationships. You can't choose them, but they're important."
What do you think? Discuss!
#SBOM #ZENSBOM #SPDX #CYCLONEDX
The OWASP Transparency Exchange API has published our first BETA release for implementors to start implementing the consumer API including the discovery.
Get all the docs including the #openapi specification here:
github.com/CycloneDX/tr...
#OWASP #TEA #SBOM #CYCLONEDX #SPDX
Zen of SBOM #2: "SBOM is not a single process to be completed. It's a lifecycle process".
What do you think? Discuss!
#SBOM #ZENSBOM #SPDX #CYCLONEDX
Join us for a few postings named "The ZEN of SBOM". The first one is "SBOM is not the answer to all software problems, but it sure helps"
What do you think? Let's discuss!
#SBOM #CYCLONEDX #SPDX #SOFTWARETRANSPARENCY
"The Microsoft #opensource #SBOM Tool now supports hashtag #SPDX 3.0!"
www.linkedin.com/posts/adrian... #cybersecurity
SciTech Chronicles. . . . . . . . .May 2nd, 2025
bit.ly/stc050225
#protoplanets #"moment of inertia" #stratification #SPDX #ZTS #Linux #"6.14 kernel" #respiration #electrons #electrochemistry #"geological history" #"Stac Fada Member" #Rodinia #"gastrointestinal diseases" #metagenomic #metaproteomic
Thank you for participating in the SP DX CONTEST 2025! We have received the log you sent for station SP7PBC in the MOAB MIXED category. Your log contains 105 contacts.
105 QSOs in SP DX Contest as a club station SP7PBC, thank you all, 73 #hamradio #spdx
#SPDX 3.0 and the Future of #SBOMs—What's Next? Kate Stewart, a leading force behind SPDX, and Alan Pope of Anchore discuss the latest advancements in SBOMs, regulatory shifts, an... get.anchore.com/future-of-sboms-with-kat...
Works with Vulnetix
#Secrets scanners
#SAST
Linters
#Code test coverage
#IaC
#Containers
Compilers
#DAST
#AttackSurface
+ Anything else that exports #CycloneDX, #SPDX, or #SARIF
Vendor Support for CycloneDX here: cyclonedx.org/about/suppor...
Or SPDX here: spdx.dev/use/spdx-too...
Let's chat