Learn about the new features and improvements in CycloneDX 1.6, including Cryptographic BOM, Attestation support, and Machine Learning BOM enhancements.
The U.S. federal government’s Office of Management and Budget published a memo requiring software suppliers to self-attest to secure development practices, impacting government and private sector software supply chains.
An overview of the U.S. Senate's hearing on the Log4J vulnerability, highlighting key discussions on software security.
Understanding software supply chain attacks and strategies to defend against them.
Exploring supply chain security risks in automotive industry and how software composition analysis can mitigate these threats.