In software security, #SBOMs are essential. Let us not forget that. Here are 5 key strategies for making the SBOM data actionable. https://cstu.io/74371e

SBOM adoption is accelerating, driven by #security best practices and regulatory requirements. This guide explains why #SBOMs matter, how to implement them, and how they fit into a #DevSecOps strategy. Download now: get.anchore.com/sbom101-guide-for-devsec...

In software security, #SBOMs are essential. Let us not forget that. Here are 5 key strategies for making the SBOM data actionable. https://cstu.io/74371e

#SBOMs are becoming a standard requirement for secure software development. Learn how to generate, manage, and use SBOMs effectively to improve security posture, automate compliance, and reduce risk ac... get.anchore.com/sbom101-guide-for-devsec... #devsecops #compliance #security

In software security, #SBOMs are essential. Let us not forget that. Here are 5 key strategies for making the SBOM data actionable. https://cstu.io/74371e

In software security, #SBOMs are essential. Let us not forget that. Here are 5 key strategies for making the SBOM data actionable. https://cstu.io/74371e

"It's hard to know what to fix in your software…if you don't know what's in your software." 🛑

Brian Thomason explains why the US Navy prioritizes high-fidelity #SBOMs as the foundation of every security check.

Read the full... anchore.com/blog/how-raise-2-0-is-tr...

The recording from NYC*BUG Saturday January 10th, 2026 session "The Book of PF 4th ed + EU CRA: It's time to Engineer up" is now available:
Youtube: youtu.be/HOCsvcCm1Ec
Peertube: toobnix.org/w/bQPtKXKqJM...
#bookofpf #OpenBSD #freebsd #packetfilter #CRA #SBOMS #dependency #supplychain #security

#CRA will change how embedded systems are built and maintained in the EU.
From #SBOMs and secure boot to #TLS 1.3 & #DTLS 1.3, this video breaks down what engineers need to know now.

🎥 Watch now:youtu.be/prnqhj3_wYg...
#CyberResilienceAct

🧑‍🌾 bomctl makes SBOMs easier to work with by handling format and version differences for you. Convert between SPDX and CycloneDX, upgrade spec versions, and link #SBOMs across suppliers and systems.

Watch the OpenSSF Project Spotlight about #bomctl: youtu.be/Tax1pNaySYQ?...

When a new vulnerability drops, the first question is always: Is this in my supply chain? 🔍

By ingesting and enriching #SBOMs with vulnerability and dependency data, #GUAC lets you query your entire application portfolio and pinpoint where action is needed immediately.

🎥 youtu.be/uDT0xes5ico?...

Eclipse Foundation SBOMs with Mikael Barbero In this conversation, Josh speaks with Mikael Barbero, head of security at the Eclipse Foundation. They discuss the foundation’s role in enhancing the security posture of open source projects, the imp...

I chat with @mikael.barbero.tech about security happenings at the Eclipse Foundation

My favorite project they have is helping projects generate #SBOMs, but there's a lot happening. If you want to see some public examples of how to do security right, give it a listen!

Next up we have @chrisdemars.net talking about #js #sboms aka a "come to #devsecops" talk which is right on time in the wake of the recent shai hulud worm (which he hasn't mentioned yet 🤔)

#cyc25

Understanding Radio Equipment Directive: What it means for FOSS and SBOMs. - Bitsea RED regulates radio equipment in the EU, strengthens security and cyber protection, and also affects open-source software in networked devices.

Excellent piece on #EURED, #FOSS & #SBOMs. Not sharing it just because it cites my related piece. It delivers a sharp take on Art. 3(3)(i), EN 18031 & bootloader locks.

Read: en.bitsea.de/blog/2025/09...

Have you stopped by the Anchore booth at DevOpsDays DC? We're giving away a Land Rover Classic Defender Lego set to one lucky attendee. Stop by the booth to register and win. And maybe talk #SBOMs too! #devopsdays

Our next #JCON2025 session is live: 'SBOMs Are Not Enough' with Brian Demers

Software Bill of Materials #SBOMs have emerged as a #critical component of #software supply chain #security, promising transparency about the #dependencies in our…

Grab your coffee and hit play: youtu.be/4jtf9ATNyx8

GitHub Open Source Fund | Bluefin Today we're happy to announce that Bluefin was one of the 71 projects selected for Github's Secure Open Source Fund. We applied for and were selected earlier this year, with tulilirockz representing the team and working with GitHub -- getting some awesome training and some funding to work on improving our security posture. Also awesome to see CNCF Projects like bootc and fluxcd. We're in excellent company. 😄

Huge congratulations to the Bluefin project on being selected for the #GitHub Secure Open Source Fund! We're proud to see them using our tool, Syft, to generate #SBOMs and enhance their security posture.
docs.projectbluefin.io/blog/2025/08/29/github-o...

Deep Dive: The Future of SBOMs with Anchore's Neil Levine. Learn how #SBOMs are becoming essential for #SoftwareSupplyChain security. Discover "Bring Your Own SBOM" and Anchore Rank for vulnerability pri... https://www.youtube.com/watch?v=wmftAJH6veg
#CybersecurityNews #AppSecurity #SBOMs #TechTalk

🎥 Join Anchore and HeroDevs for a technical deep dive into SBOM and EOL detection. Learn to generate #SBOMs with Syft and identify end-of-life and unsupported components using HeroDevs XEOL. This session will cover practical workflows and demos ... https://go.anchore.com/unmasking-hidden-risks.html

Original post on secureworld.io

The Cyber Threats to Vehicle Automation Cars have quietly morphed into rolling data centers. High-performance computers interpret radar and lidar feeds, Alexa pipes playlists through 5G modems, ove...

#Featured #Autonomous #Vehicles #Cybersecurity #Automotive […]

[Original post on secureworld.io]

Love #SBOMs ☕ Hate Mondays 😒
Join us TODAY at 11 AM ET — we’ve got the meeting for you! openssf.org/getinvolved/

Tony Turner — Threat Modeling and SBOM — The Application Security Podcast Have you ever considered using an SBOM to inform your threat modeling? Tony Turner has. Tony joins us to discuss SBOMs, threat modeling, and the importance of Cyber Informed Engineering. Tony delves…

threat modeling and #SBOMs overcast.fm/+AAtJoG6fLfs...
#sbom #infosec

Federal Cybersecurity Cuts Raise Risks—Here’s How to Respond | LMG Security In June 2025, an executive order sent shockwaves through the cybersecurity world, gutting key federal cybersecurity protections. We'll share what you need to do to protect your organization.

Major federal #cybersecurity rollbacks just shifted risk onto your organization. With #SBOMs, #MFA, & #encryption cuts, if you buy software or rely on vendors, this affects you. See what changed & how to reduce your risk: www.lmgsecurity.com/federal-cybe...

#SMB #CISO #TPRM #Infosec #ITsecurity

Tired of SBOMs just being a checkbox? Our latest interview with Neil Levine, SVP of Products at Anchore, reveals how #SBOMs are evolving from compliance burdens to powerful tools for enhancing #SoftwareSupplyChain security. Neil shares insights on Ancho... https://www.youtube.com/watch?v=wmftAJH6veg

5 Signs Your Product Security Program Has Outgrown Its Current Tools Your product security stack shouldn’t hold you back. Here are 5 signs it's time to scale beyond homegrown tools and manual SBOMs.

Still relying on outdated security tools?

👎 No binary scanning
🕳️ Incomplete #SBOMs
📉 Missed vulnerabilities

Here are 6 signs it's time to upgrade & what to look for 👉 finitestate.io/blog/when-to...

#ProductSecurity #IoTSecurity #SBOM #BinaryAnalysis #DevSecOps #SCA #SAST

✨ Lock the Chef in the Kitchen: Enabling Accurate #SBOMs Via Hermetic Builds ✨ at #cdCon #OSSummit on June 23 w/ Adam Cmiel, Red Hat | Full Schedule: ossna2025.sched.com/overview/typ...

🧰 #SBOMs are the foundation of understanding your software supply chain, but picking the right tool can be tricky. Read this guest blog as Nathan walks through key SBOM generation tools:
openssf.org/blog/2025/06...

#OpenSSF #OSSSecurity

Types of Software Bill of Materials - Practical DevSecOps A Software Bill of Materials (SBOM) is a comprehensive inventory that details every ingredient that goes into building software. In modern software

Learn about the different types of SBOMs:
www.practical-devsecops.com/types-of-sof...

#SBOMs #SoftwareSupplyChainSecurity #PracticalDevSecOps #Securitytrainings #ProductSecurity #Cybersecurity

🏁 #SBOMlearningWeek Day 5: We explore how #SBOMs intersect with regulatory #compliance, #opensource security & #DevSecOps. The final piece in our guide to #software supply chain #security! anchore.com/blog/sboms-as-the-crossr...

🔍 As #SBOMlearningWeek continues - watch this on-demand webinar to learn how #SBOMs can instantly identify affected systems during a zero-day incident. Critical knowledge for security teams. #IncidentResponse #SBOM"X get.anchore.com/rapid-incident-response-... #ZeroDay