Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore ESSTRA, Sony's open-source software suite designed to enhance transparency and traceability in software supply chains through this 38-minute conference talk from the Linux Foundation's Open Source Summit. Learn how this innovative tool addresses the growing need for Software Bill of Materials (SBOMs) by collecting and embedding source file information directly into compiled binaries during the build process. Discover how ESSTRA solves the challenge of tracking which specific source files are included in binaries and which open-source software licenses require compliance, addressing critical concerns in vulnerability management and license compliance. Understand the technical implementation through ESSTRA's GCC plugin that records source files during compilation and the accompanying management tools for handling the embedded information. Gain practical knowledge on integrating ESSTRA with existing workflows and learn about its compatibility with the Binary Analysis Next Generation (BANG) tool. Master the first steps to implement ESSTRA in your projects to improve software supply chain visibility and meet increasing regulatory and security requirements for software transparency.
