Overview
Explore the critical security implications of inaccurate Software Bill of Materials (SBOMs) in this 39-minute conference talk from the Linux Foundation. Discover how incomplete and incorrect SBOMs can lead to overlooked vulnerabilities and wasted resources on non-existent security issues, despite their increasing adoption for supply chain transparency. Learn about JBomAudit, an open-source tool designed to automatically verify Java SBOMs by systematically assessing their correctness and completeness against NTIA minimum requirements. Examine the technical details of how JBomAudit identifies missing and incorrect dependencies, and review findings from a comprehensive analysis of over 25,000 Java SBOMs that reveals the widespread prevalence of non-compliant SBOMs and their security implications. Understand common pitfalls in SBOM generation, analyze root causes of non-compliance, and gain actionable recommendations for improving SBOM quality to better protect against software supply chain attacks.
Syllabus
Trust but Verify: Uncovering the Hidden Risks of Inaccurate SBOMs With J... - Yue Xiao & Dhilung Kirat
Taught by
Linux Foundation