Tom Alrich

Tom is an SBOM and software supply chain security expert. He's helped organizations like the NTIA, Honeywell, and Deloitte advance supply chain security initiatives.

2 posts
Software Composition Analysis

What’s New in CycloneDX 1.5?

A new version of the CycloneDX bill of materials specification has been released. See what's new in CycloneDX v1.5.

  • Tom Alrich
7 min read
Open Source Vulnerability Management

VEX (Vulnerability Exploitability eXchange): Purpose and Use Cases

Learn about VEX (Vulnerability Exploitability eXchange), which is used to communicate whether vulnerabilities impacting software products are actually exploitable.

  • Tom Alrich
10 min read
  • For the Love of Open Source © 2023 FOSSA, Inc.