An easy all-in-one portal to upload, parse, validate, compare, convert and search the SPDX license list and documents.| tools.spdx.org
Learn about the new features and improvements in CycloneDX 1.6, including Cryptographic BOM, Attestation support, and Machine Learning BOM enhancements.| fossa.com
See five important factors to consider when evaluating SBOM tools for your organization in this buyer's guide.| fossa.com
As part of its new cybersecurity executive order, the U.S. Federal government released the minimum required elements for a software bill of materials.| Dependency Heaven
Learn about SPDX License Identifiers and License Expressions, and see how you can use them to communicate licensing information in an SBOM.| Dependency Heaven
A comprehensive overview of SBOMs (software bill of materials): their data fields, use cases, and formats, why they’re needed, and how to manage them.| fossa.com
Learn about VEX (Vulnerability Exploitability eXchange), which is used to communicate whether vulnerabilities impacting software products are actually exploitable.| Dependency Heaven
SPDX 3.0 introduces new profiles for better use case targeting and flexibility. Major upgrades include changes in document structure, profiles, relationships, and creator information.| fossa.com
Explore the EPSS scoring system and how it helps prioritize vulnerability exploitability.| fossa.com
A new version of the CycloneDX bill of materials specification has been released. See what's new in CycloneDX v1.5.| Dependency Heaven