Skip to main content
EuroPythonCode of ConductLive 📹

Using Python to manage Software Bill of Materials

Room:
Wicklow Hall 1
Start (Dublin time):
Start (your time):
Duration:
30 minutes

Abstract

Software has become increasingly complex as it is constructed from a multitude of software components. In many cases the identification of these components are hidden as they are included through implicit dependencies. Without fully understanding the dependencies of your product it is not possible to understand the current vulnerability status of your software product or system. In the past 12 months, there has been an increasing focus on the use Software Bill of Materials (SBOMs) as a key artefact to be delivered with a software product; it will be mandated for all software products in some markets later in 2022. SBOMs which were initially developed to capture the inter-dependencies between components (the focus was on capturing the different types of open source licences used within a product) but with the latest evolution, tracking of vulnerabilities within a product can now be performed.

This talk will introduce the SBOM concept and show how Python and its ecosystem can be used to create, manage and use SBOMs as part of your development pipeline.

TalkDevOps


The speaker

Anthony Harrison

An experienced solution architect and cyber security consultant delivering and securing mission critical systems. In his spare time, teaches Python at Manchester CoderDojo and has acts as a mentor for Google Summer of Code (GSOC) projects supported by the Python Software Foundation.



← Back to schedule