Want to Prevent a Cyber Attack? Prepare a Software Bill of Materials
Open Source For You|April 2023
A Software Bill of Materials (SBOM) lists all the open source and third-party components present in a codebase, and has been mandated in the US. It helps make software transparent and less vulnerable to attacks.
Vinayak R. Adkoli

Open source software security is always in the spotlight. Every time there is a cyber attack, a lot of time and effort is required to detect not just when, where and how it occurred, but also to measure the real impact on the applications and services that are running in digital environments. Recent cyber attacks have highlighted the general lack of knowledge about code dependencies and attacks on the software supply chain.

A Software Bill of Materials (SBOM) helps organisations comply with new domestic and international cyber security laws and requirements. A software supply chain describes the relationships between the various components used in building software. These components include libraries and modules, and they can be open source or proprietary, free or paid.

Why are SBOMs needed?

An SBOM is a list of all the open source and third-party components present in a codebase. It also lists the licences that govern those components, the versions of the components used in the codebase, and their patch status. This helps security teams to quickly identify any associated security or licence risks.

An SBOM provides a machine-readable list of the components of the software and its dependencies. As it has become a key component of cloud security for private and government organisations, it is estimated that 88 per cent of organisations will use SBOMs by the end of 2023.

Similarly, smart organisations that build software maintain an accurate, up-to-date SBOM, which includes an inventory of third-party and open source components to ensure that their code is of high quality, compliant, and secure.
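
To show how a machine-readable SBOM lets a security team identify security and licence risks quickly, the following Python example (added here, not part of the original article) reads a small SBOM and reports unpatched components, denied licences and components with no declared licence. It assumes the SBOM is in CycloneDX JSON format, which the article does not specify; the component names, the advisory feed and the denied-licence policy are constructed for illustration.

```python
import json

# Constructed sample: a minimal CycloneDX-style SBOM (component names are hypothetical).
SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.4",
  "components": [
    {"type": "library", "name": "example-json", "version": "2.3.1",
     "licenses": [{"license": {"id": "MIT"}}]},
    {"type": "library", "name": "example-tls", "version": "1.0.9",
     "licenses": [{"license": {"id": "Apache-2.0"}}]},
    {"type": "library", "name": "example-pdf", "version": "4.1.0",
     "licenses": [{"license": {"id": "AGPL-3.0-only"}}]},
    {"type": "library", "name": "example-zip", "version": "0.9.0"}
  ]
}"""

# Constructed advisory feed: component -> (placeholder advisory id, first fixed version).
ADVISORIES = {"example-tls": ("ADVISORY-PLACEHOLDER-1", "1.0.10"),
              "example-json": ("ADVISORY-PLACEHOLDER-2", "2.3.0")}
DENIED_LICENCES = {"AGPL-3.0-only"}  # assumed organisational policy

def parse_version(text):
    """Turn '1.0.10' into (1, 0, 10); comparing raw strings would rank 1.0.9 above 1.0.10."""
    return tuple(int(part) for part in text.split("."))

def load_components(sbom_json):
    """Return (name, version, [licence ids]) for every component listed in the SBOM."""
    doc = json.loads(sbom_json)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return [(c["name"], c["version"],
             [l["license"]["id"] for l in c.get("licenses", [])
              if "id" in l.get("license", {})])
            for c in doc.get("components", [])]

def find_risks(components):
    """Flag unpatched versions, denied licences and components with no declared licence."""
    findings = []
    for name, version, licences in components:
        advisory, fixed_in = ADVISORIES.get(name, (None, None))
        if advisory and parse_version(version) < parse_version(fixed_in):
            findings.append((name, "unpatched", f"{advisory}: fixed in {fixed_in}"))
        findings += [(name, "licence", lic) for lic in licences if lic in DENIED_LICENCES]
        if not licences:
            findings.append((name, "licence", "undeclared"))
    return findings

if __name__ == "__main__":
    for finding in find_risks(load_components(SBOM_JSON)):
        print(finding)
```

The component with no `licenses` entry is reported rather than skipped, because an undeclared licence is itself a risk the inventory should surface.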

SBOMs and cyber security
