Feb 2, 2023 | 6 minute read
When putting together a previous post on how to use open source tools to create a software bill of materials (SBOM), Ritesh Noronha alerted me to another project, sbomqs, which aims to simplify the evaluation of SBOM quality for both producers and consumers. A quality SBOM is one that is accurate, complete, and up to date: it should accurately reflect the components and dependencies used in the software application, including their versions and, optionally, any known vulnerabilities.
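To make the "complete" criterion concrete, here is an added example (not code from this post or from the sbomqs project) that checks a constructed CycloneDX JSON SBOM for components lacking a name, version or package URL and scores the document from 0 to 10 on that basis. The required-field set and the scoring formula are assumptions of this example, not sbomqs's own rules.

```python
"""Minimal SBOM completeness check (added example; not sbomqs code).

Scores a CycloneDX 1.4 JSON SBOM on one quality criterion from the text:
every component should carry a name, a version and a package URL (purl).
The required fields and the 0-10 scaling are assumptions of this example.
"""
import json

# Constructed sample SBOM: two complete components, one missing version and purl.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "metadata": {"timestamp": "2023-02-01T00:00:00Z"},
    "components": [
        {"type": "library", "name": "lodash", "version": "4.17.21",
         "purl": "pkg:npm/lodash@4.17.21"},
        {"type": "library", "name": "express", "version": "4.18.2",
         "purl": "pkg:npm/express@4.18.2"},
        {"type": "library", "name": "left-pad"},  # no version, no purl
    ],
})

# Fields a consumer needs to match a component against advisories (assumed set).
REQUIRED_FIELDS = ("name", "version", "purl")


def check_components(sbom_json: str) -> dict:
    """Return per-component gaps, a timestamp flag and a completeness score (0-10)."""
    sbom = json.loads(sbom_json)
    components = sbom.get("components", [])
    gaps = {}
    for comp in components:
        missing = [f for f in REQUIRED_FIELDS if not comp.get(f)]
        if missing:
            gaps[comp.get("name", "<unnamed>")] = missing
    # Score is the fraction of fully described components, scaled to 0-10.
    complete = len(components) - len(gaps)
    score = round(10 * complete / len(components), 1) if components else 0.0
    return {
        "total": len(components),
        "complete": complete,
        "score": score,
        "has_timestamp": bool(sbom.get("metadata", {}).get("timestamp")),
        "gaps": gaps,
    }


if __name__ == "__main__":
    print(json.dumps(check_components(SAMPLE_SBOM), indent=2))
```

Running it on the constructed SBOM flags `left-pad` as missing both `version` and `purl`, so only two of three components count as complete.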