Anchore: Trust in the Supply Chain: CycloneDX Attestations & SBOMs

Feb 14, 2025

—

Source URL: https://anchore.com/events/trust-in-the-supply-chain-cyclonedx-attestations-sboms/
Source: Anchore
Title: Trust in the Supply Chain: CycloneDX Attestations & SBOMs

Feedly Summary: The post Trust in the Supply Chain: CycloneDX Attestations & SBOMs appeared first on Anchore.

AI Summary and Description: Yes

Summary: This text relates to software security, specifically focusing on Software Bill of Materials (SBOM) and CycloneDX’s innovations. The discussion emphasizes the criticality of securing the software supply chain amid rising attacks, presenting insights into cryptographic attestations and trust-building in software components.

Detailed Description: The content of the webinar announcement highlights significant advancements in software security through the implementation of SBOMs and CycloneDX’s capabilities. Key points include:

– **Need for SBOMs**: With the rise in software supply chain attacks, understanding and maintaining trust in software components is paramount. SBOMs serve as a crucial tool in mapping the components within software systems and enhancing transparency.

– **Role of CycloneDX**: CycloneDX is positioning itself as a revolutionary framework in the domain of software supply chain security by providing machine-readable attestations that bolster the security of software components.

– **Attestation Capabilities**: The session will cover how CycloneDX’s attestation capabilities enable organizations to generate cryptographically verifiable evidence of their security practices, which is critical for establishing trust.

– **Automation of Audit Workflows**: The discussion will include how organizations can automate traditionally labor-intensive manual audit workflows while achieving high levels of accuracy and trustworthiness.

– **Expert Participants**: The webinar features insights from Steve Springett, an experienced figure in the OWASP community, along with Alan Pope from Anchore, both of whom bring substantial expertise and credibility to the presentation.

**Key Takeaways Could Include**:
– Understanding of SBOMs and their importance in enhancing software security.
– Insights into CycloneDX’s unique value proposition in software supply chain security.
– Strategies for implementing advanced security practices through automation and cryptographic evidence.

This content is particularly relevant for security and compliance professionals looking to strengthen their approach to software supply chain security within their organizations.

a accuracy Act advanced security advancement advancements AI Anchore and anti art as attack attacks attestation attestations audit Auto automation building by C capabilities chain chain attack CIA community compliance compliance professionals content critical Crypto cryptographic cryptographic attestations Cyclone D de domain e event exp experience expert expertise feature features first for framework g Gen graph high Highlight HR http HTTPS implementation in innovation Innovations insights intensive IRS k Key l Labor led long low mac machine machine-readable man no o of on one organization organizations over phi point post pre professionals R rate RCE red Ro Role Rust s s Position SBOM sec security security and compliance security practices self Sig software software bill of materials software components software security software supply chain software supply chain attacks software supply chain security source specific steve supply supply chain supply chain attack supply chain attacks supply chain security system systems T test text the to tool TP transparency trust trustworthiness two UI up US V val web webinar Wi workflow workflows x