OpenChain SBOM Study Group Kick-Off Call - 2024-07-30
ShaneCoughlan3
297 views
9 slides
Jul 30, 2024
Slide 1 of 9
1
2
3
4
5
6
7
8
9
About This Presentation
OpenChain SBOM Study Group Kick-Off Call - 2024-07-30
Slide Content
OpenChain SBOM Study Group Kick-Off Call – Chaired by Norio Kobota from Sony – 2024-07-30
Anti-Trust Policy Notice Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws. Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http:// www.linuxfoundation.org /antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.
Agenda Introduce the practical considerations of using SBOMs in supply chains Discuss who these considerations apply to Talk about existing market solutions: Case Study SPDX Lite Have an open discussion on next steps
Welcome Our Chair for 2024 Norio Kobota San, Senior Open Source Strategist Open Source Program Office Sony
Practical Considerations: SBOM in Supply Chain What is necessary for compliance matters? License compliance Security assurance Other compliance-related topics What regulations exist? United States Executive Order NTIA Minimum Requirements Cyber Resilience Act What is necessary for efficiency? Keeping overhead low Ensuring suppliers can realistically produce SBOM Etc.
Who These Considerations Apply To From our perspective: Everyone using the open source supply chain.
Existing Market Solutions Let’s have a case study on SPDX Lite as an example of a practical solution for addressing the question of “what type of approach can empower suppliers to get started with SBOM?” The context is: Suppliers have limited resources Suppliers and customers need minimal adjustment to deployment processes Time is extremely limited for everyone
Open Discussion on Next Steps How often should we meet? How should we address topics? How long should the meetings be? Initial Suggestions: Monthly workshop One case study per workshop One or two hours long Goal: make sure practical “how to” information is available to everyone
Thank you everyone! See you next time!
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 297
- Slides 9
- Age 491 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
48 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
47 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
35 views
21
Know for Certain
DaveSinNM
23 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views