Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the collaborative standardization process behind two critical software compliance standards in this 20-minute conference talk. Learn how Package-URL (PURL) and CycloneDX emerged from real industry problems through community-driven development, transforming from initial concepts into widely-adopted standards that now underpin major vulnerability databases, SBOM generators, and regulatory frameworks. Discover how PURL solved the chaos of fragmented package identification across software ecosystems by creating a universal format, while CycloneDX addressed security practitioners' need for a lightweight, practical SBOM format that supports actual workflows rather than just regulatory compliance. Understand the open standardization process that involved industry collaboration, real-world testing, and continuous refinement based on implementation experience, leading to network effects that accelerated adoption across security tools, package managers, and compliance platforms. Gain insights into what makes standards successful, the crucial role of early implementers, the challenges of gaining widespread adoption, and why some standards thrive while others disappear, helping you better participate in shaping future standards and evaluate which ones merit investment in your compliance infrastructure.
