130. How SBOMs Expose Vulnerabilities in Your Software Supply Chain скачать в хорошем качестве

130. How SBOMs Expose Vulnerabilities in Your Software Supply Chain

https://www.betabit.nl/betatalks Software today is built on hundreds of dependencies, but do you actually know what’s inside your application? Jelle and Christian break down Software Bill of Materials (SBOMs) and why they’re becoming essential for modern software development. An SBOM provides a complete inventory of all components and dependencies used in your software. This visibility helps teams quickly identify security vulnerabilities, improve transparency and manage risk in the software supply chain. If you're a developer, DevOps engineer, or security professional, understanding SBOMs can significantly improve how you manage dependencies and secure your applications. Links voor meer informatie: https://devblogs.microsoft.com/engine... https://github.com/resources/articles... https://www.ncsc.nl/software/wat-is-e... (Dutch) https://www.ncsc.nl/toeleveringsketen... (Dutch) Timestamps: 00:00 - Introduction SBOM 01:23 - Why developers and testers should care about SBOM 03:50 - When to generate SBOMs (build, release, run) 06:06 - SBOM vs. npm audit and other tools 07:22 - SBOM standards: SPDX, Cyclone DX, SWID 08:00 - Demo: example SBOM of Betabit website 09:20 - How to generate SBOMs and types of tools 10:40 - Closing remarks and wrap-up There is more to come! https://www.betabit.nl/nl