Greeting Outreach Team,
The security profile team has written a blog post explaining some of the security features of 3.0. It is primarily targeted for the CISA community who have a concern that SBOM's should not be including vulnerability data since the data is updated at a different pace (e.g. SBOMs are fairly static while vulnerability information can change quickly). Here's the link: https://docs.google.com/document/d/1cLFTF1yLWy9kkRzNUC648-WshA6XslCE-cVc9o6Y -3Q/edit?usp=sharing If everyone is OK with it, I can post the blog on the website after Monday. Thanks, Gary -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#867): https://lists.spdx.org/g/Spdx-outreach/message/867 Mute This Topic: https://lists.spdx.org/mt/101905216/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-outreach/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
