#sbom

"CycloneDX vs SPDX: Which SBOM Format Should You Use?"

🖼️

0

"CycloneDX vs SPDX: Which SBOM Format Should You Use?"

DEV Community·LedgerProve·17 days ago

#CqwlF3y2

#sbom #security #devops #supplychain #formats #valid

"Both formats are valid. Both satisfy regulators. The right choice depends on your tooling, your...

15s

🖼️

0

SBOM Management

DEV Community·丁久·18 days ago

#Kr9CP7yl

#sbom #generate #security #devops #json #management

Managing Software Bill of Materials with generation, verification, vulnerability correlation, and compliance.

15s

🖼️

0

Supply Chain Security

DEV Community·丁久·18 days ago

#LrBv6kQx

#supply #generate #security #devops #chain #version

Comprehensive guide to software supply chain security covering SBOM, Sigstore, in-toto, dependency confusion, and the SLSA framework.

15s

"Why I stopped trusting npm audit (and built my own)"

🖼️

0

"Why I stopped trusting npm audit (and built my own)"

DEV Community·neve7r·28 days ago

#i7iM7mJ7

#security #devops #npm #typescript #audit #ready

Generate a CycloneDX SBOM and deterministic, audit-ready risk report from your...

15s

Retrospective: Implementing Zero-Trust Security for Docker 28 Containers – 1 Year of Trivy 0.55 and Vault 1.18

🖼️

0

Retrospective: Implementing Zero-Trust Security for Docker 28 Containers – 1 Year of Trivy 0.55 and Vault 1.18

DEV Community·ANKUSH CHOUDHARY JOHAL·29 days ago

#rgxIWh2o

#tip #retrospective #implementing #zerotrust #vault #docker

From Dev.to - security: Retrospective: Implementing Zero-Trust Security for Docker 28 Containers – 1 Year of Trivy 0.55 and Vault 1.18

15s

Why Your DevSecOps Pipeline Is Broken: Trivy 0.50 Catches 30% More Vulnerabilities Than Snyk

🖼️

0

Why Your DevSecOps Pipeline Is Broken: Trivy 0.50 Catches 30% More Vulnerabilities Than Snyk

DEV Community·ANKUSH CHOUDHARY JOHAL·about 1 month ago

#xxnjUHqx

#devsecops #pipeline #broken #trivy #scan #snyk

From Dev.to - devsecops: Why Your DevSecOps Pipeline Is Broken: Trivy 0.50 Catches 30% More Vulnerabilities Than Snyk

15s

If a verifiable SBOM is illegal now, is the ESP32 viable in the west?

📰

0

If a verifiable SBOM is illegal now, is the ESP32 viable in the west?

Reddit r/IOT·u/Panometric·about 1 month ago

#jfb45YwR

#verifiable #sbom #illegal #esp32 #viable #photo

From Reddit - r/iot: If a verifiable SBOM is illegal now, is the ESP32 viable in the west?

15s

Postmortem: Jenkins 2.460 Plugin Vulnerability Caused Breach – Fixed with GitLab CI 16.10 and Snyk 1.1300

🖼️

0

Postmortem: Jenkins 2.460 Plugin Vulnerability Caused Breach – Fixed with GitLab CI 16.10 and Snyk 1.1300

DEV Community·ANKUSH CHOUDHARY JOHAL·about 1 month ago

#n4SyPUoX

#code #jenkins #postmortem #2460 #snyk #sbom

From Dev.to - jenkins: Postmortem: Jenkins 2.460 Plugin Vulnerability Caused Breach – Fixed with GitLab CI 16.10 and Snyk 1.1300

15s

Software Bill of Materials (SBOM) for your Spin Apps | Akamai

📰

0

Software Bill of Materials (SBOM) for your Spin Apps | Akamai

Akamai·Jan 16, 2025 Thorsten Hans·about 1 month ago

#4XPNoIye

#cybersecurity #developers #spin #webassembly #sbom #software

Learn how to generate, scan, and distribute Software Bill of Materials (SBOM) for Spin applications using trivy and oras.

15s

Menu

"CycloneDX vs SPDX: Which SBOM Format Should You Use?"

SBOM Management

Supply Chain Security

"Why I stopped trusting npm audit (and built my own)"

Retrospective: Implementing Zero-Trust Security for Docker 28 Containers – 1 Year of Trivy 0.55 and Vault 1.18

Why Your DevSecOps Pipeline Is Broken: Trivy 0.50 Catches 30% More Vulnerabilities Than Snyk

If a verifiable SBOM is illegal now, is the ESP32 viable in the west?

Postmortem: Jenkins 2.460 Plugin Vulnerability Caused Breach – Fixed with GitLab CI 16.10 and Snyk 1.1300

Software Bill of Materials (SBOM) for your Spin Apps | Akamai