Overview
Learn how to integrate zero-touch Software Bill of Materials (SBOM) generation into your CI/CD pipelines using open-source tools in this 18-minute conference talk from the Linux Foundation. Discover how to balance speed and security in continuous delivery environments while meeting mandatory SBOM compliance requirements under various regulatory acts. Explore the implementation of FOSSology toolchain-powered solutions that seamlessly integrate with GitHub Actions and GitLab CI to automate dependency scanning for Python and Node.js projects, license and copyright detection, and SPDX SBOM generation in multiple formats including JSON, YAML, RDF, and Tag. Master the deployment of lightweight, Docker-based tools available on Docker Hub and GitHub Marketplace that enable CI-native package scanning on every pull request, making compliance and SBOM generation effortless for open-source developers and DevOps engineers working at scale.
Syllabus
Zero-Touch SBOM Generation: Secure Your Build From the I... Kaushlendra Pratap Singh & Gaurav Mishra
Taught by
Linux Foundation