A Linux Foundation case study on using cdsbom to enhance SPDX SBOMs with license data from ClearlyDefined for better compliance and transparency. | Open Source Initiative
Deep Dive: Data Governance brings world-class experts together | Open Source Initiative
Case study: enhancing SBOMs with cdsbom at the Linux Foundation | Open Source Initiative
A “software bill of materials” (SBOM) has emerged as a key building block in software security and software supply chain risk management. An SBOM is a nested inventory, a list of ingredients that make up software components. While not a brand new concept, the ideas and implementation have advanced since 2018 through a number of collaborative community efforts, including the National Telecommunications and Information Administration’s (NTIA) multistakeholder process. | Cybersecurity and Infrastructure Security Agency CISA