👀 What is the Software Bill of Material?
The Tech Caffeine #37: This Week in Tech
👉 Top Five
1️⃣ If your goal is to be a great leader, you must read the Amazon Leadership Principles. It is just one of the things that makes Amazon peculiar.
2️⃣ A data-driven culture is high on lineage because it empowers employees at every level to trust and understand data pipelines, leading to faster data-driven decisions. Here is a must-read to know more about the Data Lineage.
3️⃣ Google Docs can now generate automated summaries using Artificial Intelligence.
4️⃣ If you are not aware of what “Enterprise Architects should be doing,” this “Enterprise Architecture on One Page“ is for you.
5️⃣ 2022 State of Software Delivery Report gives tips to improve Continous Integration (CI) time by parallelizing tests, using Docker images explicitly designed for CI, and optimal machine size and caching strategies.
🤿 The Deep Dive
What is the Software Bill of Material(SBOM)?
A "Software Bill of Materials" (SBOM) lists the ingredients that make up a software component. SBOM has become a critical step toward preventing software supply chain attacks.
The SBOM should also include baseline attributes that can be used to identify individuals software components in standardized formats.
Here is a list of sample baseline attributes -
Author
Supplier
Component
Version
Unique Identifier
Hash
etc.
To fully reap the benefits of SBOM, standardization and automation are necessary. Widespread interoperability across the supply chain is required. To achieve this, standardized data formats and identification schemes are needed.
Here is the list of some popular SBOM formats -
We continue to see an increased emphasis on improving the security of Software Supply Chains, so you can expect more companies to start distributing software packages with SBOM.
