Experimental News Clipping Site

Tag: SBOM

  • Anchore: Syft 1.20: Faster Scans, Smarter License Detection, and Enhanced Bitnami Support

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/syft-1-20-faster-scans-smarter-license-detection-and-enhanced-bitnami-support/ Source: Anchore Title: Syft 1.20: Faster Scans, Smarter License Detection, and Enhanced Bitnami Support Feedly Summary: We’re excited to announce Syft v1.20.0! If you’re new to the community, Syft is Anchore’s open source software composition analysis (SCA) and SBOM generation tool that provides foundational support for software supply chain security for modern…

  • Anchore: SBOM 101: A Guide for Developers, Security Engineers & the DevSecOps Community

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/white-papers/sbom-101-a-guide-for-developers-security-engineers-the-devsecops-community/ Source: Anchore Title: SBOM 101: A Guide for Developers, Security Engineers & the DevSecOps Community Feedly Summary: Understand, Implement & Leverage SBOMs for Stronger Security & Risk Management. The post SBOM 101: A Guide for Developers, Security Engineers & the DevSecOps Community appeared first on Anchore. AI Summary and Description: Yes Summary:…

  • Anchore: Trust in the Supply Chain: CycloneDX Attestations & SBOMs

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/events/trust-in-the-supply-chain-cyclonedx-attestations-sboms/ Source: Anchore Title: Trust in the Supply Chain: CycloneDX Attestations & SBOMs Feedly Summary: The post Trust in the Supply Chain: CycloneDX Attestations & SBOMs appeared first on Anchore. AI Summary and Description: Yes Summary: This text relates to software security, specifically focusing on Software Bill of Materials (SBOM) and CycloneDX’s innovations.…

  • Anchore: DORA + SBOM Primer: Achieving Software Supply Chain Security in Regulated Industries

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/dora-overview/ Source: Anchore Title: DORA + SBOM Primer: Achieving Software Supply Chain Security in Regulated Industries Feedly Summary: At Anchore, we frequently discuss the steady drum beat of regulatory bodies mandating SBOMs (Software Bills of Materials) as the central element of modern software supply chain security. The Digital Operational Resilience Act (DORA) is…

  • Anchore: How Syft Scans Software to Generate SBOMs

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/how-syft-scans-software-to-generate-sboms/ Source: Anchore Title: How Syft Scans Software to Generate SBOMs Feedly Summary: Syft is an open source CLI tool and Go library that generates a Software Bill of Materials (SBOM) from source code, container images and packaged binaries. It is a foundational building block for various use-cases: from vulnerability scanning with tools…

  • Anchore: SBOMs 101: A Free, Open Source eBook for the DevSecOps Community

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/sboms-101-a-free-open-source-ebook-for-the-devsecops-community/ Source: Anchore Title: SBOMs 101: A Free, Open Source eBook for the DevSecOps Community Feedly Summary: Today, we’re excited to announce the launch of “Software Bill of Materials 101: A Guide for Developers, Security Engineers, and the DevSecOps Community”. This eBook is free and open source resource that provides a comprehensive introduction…

  • Anchore: SBOM Management: How to Tackle Sprawl and Secure Your Supply Chain

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/sbom-management-how-to-tackle-sprawl-and-secure-your-supply-chain/ Source: Anchore Title: SBOM Management: How to Tackle Sprawl and Secure Your Supply Chain Feedly Summary: Software Bill of Materials (SBOM) has emerged as a pivotal technology to scale product innovation while taming the inevitable growth of complexity of modern software development. SBOMs are typically thought of as a comprehensive inventory of…

  • Anchore: 2025 Cybersecurity Executive Order Requires Up Leveled Software Supply Chain Security

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/2025-cybersecurity-executive-order/ Source: Anchore Title: 2025 Cybersecurity Executive Order Requires Up Leveled Software Supply Chain Security Feedly Summary: A few weeks ago, the Biden administration published a new Executive Order (EO) titled “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity”. This is a follow-up to the original cybersecurity executive order—EO 14028—from…

  • Slashdot: Google Upgrades Open Source Vulnerability Scanning Tool with SCA Scanning Library

    by

    Kurt Seifried
    in

    Source URL: https://news.slashdot.org/story/25/01/19/0547233/google-upgrades-open-source-vulnerability-scanning-tool-with-sca-scanning-library Source: Slashdot Title: Google Upgrades Open Source Vulnerability Scanning Tool with SCA Scanning Library Feedly Summary: AI Summary and Description: Yes Summary: Google has enhanced its vulnerability scanning capabilities through the introduction of OSV-Scanner and OSV-SCALIBR. These tools not only facilitate comprehensive scanning across various programming languages and environments but also integrate…

  • Google Online Security Blog: OSV-SCALIBR: A library for Software Composition Analysis

    by

    Kurt Seifried
    in

    Source URL: https://security.googleblog.com/2025/01/osv-scalibr-library-for-software.html Source: Google Online Security Blog Title: OSV-SCALIBR: A library for Software Composition Analysis Feedly Summary: AI Summary and Description: Yes Summary: The article discusses the launch of OSV-SCALIBR, an extensible library for software composition analysis (SCA) and file system scanning. It highlights its capabilities, including vulnerability scanning and Software Bill of Materials…