Linux Foundation

Enhancing SBOM Generation - Filling the Gaps to Make Actionable SBOMs

Linux Foundation via YouTube

Overview

Explore advanced SBOM (Software Bill of Materials) generation techniques in this 38-minute conference talk from the Linux Foundation. Learn how to move beyond basic SBOM creation tools like Syft or Trivy to produce truly actionable SBOMs that provide meaningful value to downstream users. Discover the comprehensive work conducted by a CISA SBOM Community Tiger Team who developed SBOM Generation Reference Implementations across multiple programming languages and deployment scenarios. Examine the distinct phases of SBOM generation and understand how each step contributes to creating more robust and actionable documentation. Master techniques for expanding the SBOM authoring process to integrate multiple data sources, enhance metadata accuracy, and customize workflows that align with evolving security frameworks while maintaining tool interchangeability and data integrity. Gain practical insights into implementing SBOM generation within CI/CD pipelines using GitHub and GitLab, supporting diverse programming languages, and ensuring interoperability with both CycloneDX and SPDX formats. Address critical ecosystem challenges including supplier identification, license consistency, and benchmarking completeness to create SBOMs that truly serve their intended security and compliance purposes.

Syllabus

Enhancing SBOM Generation: Filling the Gaps To Make Actionable SBO... Ian Dunbar-Hall & Gary O'Neall

Taught by

Linux Foundation
