SBOM, Libs e Componentes

Bases de Conhecimento

• Awesome SBOM

Artigos

• Aqua :: OWASP Software Component Verification Standard (SCVS)

• CSO Online :: 8 top SBOM tools to consider

• MergeBase :: What are the Best Tools for Generating SBOM (Software Bill Of Materials)?

• Anchore :: How to Generate an SBOM with Free Open Source Tools

Tools

• OWASP Dependency-Check

• OWASP Dependency Track

• CycloneDX

• anchore/syft

• microsoft/sbom-tool

• OSV by Google: A distributed vulnerability database for Open Source