We made great progress in 2019 towards making #SBOM a reality. @NTIAgov published the first set of community-drafted documents to offer guidance around the practice of SW transparency, and we charted the course for our next steps in 2020 2/11 https://www.ntia.doc.gov/blog/2019/stakeholders-prepare-further-work-software-transparency-2020 …
None of this would be possible without incredible work from the community! There are too many stakeholders who helped draft docs, join calls, debate, and remind others how their corner of the ecosystem actually works to name in a thread, but I want to acknowledge a few 3/11
.@joshcorman has been banging the drum on this for years, and has been patient in helping me understand the issue and its urgency. He helped lead the documentation on the real value #SBOM can have for so many different roles, across the entire SW supply chain 4/11
.@zmanion and @jumpmichellegm1 have done such amazing work extracting a shared vision of what an #SBOM is from the hivemind, and created a vision of "rough consensus and running code" as well as a plan for tackling the further known challenges. 5/11
Critical work on bringing the operational perspective to bear for formats and tooling, led by the apparently inexhaustible @_kate_stewart from the @linuxfoundation and @jcherz with the modern org's supply chain risk approach. 6/11
Many others have been thinking about this for a long time, and sharing their thoughts about how we can make this vision real, such as @bitwatcher's vision of change in the complex world of enterprise software and @stevespringett's work in @owasp and application security 7/11
Significant change depends on supporters and boosters like @its_a_lisa, @apporima, @brysonbort, @sushidude and of course @beauwoods bringing @iamthecavalry and the @defcon Villages 9/11
To everyone I've left off, or couldn't find the Twitter @handle for, please accept my humble apologies and heartfelt thanks. 10/11
Supply chain security will be one of THE big cybersecurity issues of 2020, in DC, the Valley, and around the world.
#SBOM is a key part, and we will be able to build on that transparency for more tools, businesses, and services. Plenty of work to get done--ping me to join in! /11