SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern

In late 2023, a few members of the Apache Logging Services project – known for providing the famous Log4j logging framework – received funding from the Sovereign Tech Fund (STF) to enhance ...
Comparing SBOM Standards: SPDX vs. CycloneDX

In our 8th Annual State of the Software Supply Chain Report, we detailed upcoming government regulation coming to protect national interests globally. Because software is frequently built from third-party open source components, ...
SBOM, CycloneDX and Dependency-Track, with Steve Springett | The Right Security

What Is an SBOM? The Importance of a Software Bill of Materials

Cyber attacks like Log4Shell have led the Biden administration to work closely with security experts, as well as the Cybersecurity and Infrastructure Security Agency (CISA) to produce government resources and legislation intended ...