I'm very pleased to announce that today, Reliable Energy Analytics LLC <https://www.linkedin.com/company/reliable-energy-analytics-llc/> has gifted the open-source Vendor Response File (VRF) XML Schema that will be used in the FDA <https://www.linkedin.com/company/fda/> use case demonstrated at the IETF Hackathon on July 21, 2023 to the IETF <https://www.linkedin.com/company/ietf/> SCITT working group for future development and maintenance. A VRF enables software producers to communicate the location of SBOM, Vulnerability Disclosure Reports (VDR) and other evidence artifacts needed by a consumer to conduct a comprehensive National Institute of Standards and Technology (NIST) <https://www.linkedin.com/company/nist/> C-SCRM software risk assessment PROACTIVLEY, by applying "Left of Bang" methods for risk management of the software supply chain.
https://www.linkedin.com/posts/richard-dick-brooks-8078241_advice-for-softwa re-vendors-to-prepare-for-activity-7086771226777378816-kiL6/?utm_source=shar e <https://www.linkedin.com/posts/richard-dick-brooks-8078241_advice-for-softw are-vendors-to-prepare-for-activity-7086771226777378816-kiL6/?utm_source=sha re&utm_medium=member_desktop> &utm_medium=member_desktop Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T <http://www.reliableenergyanalytics.com/> http://www.reliableenergyanalytics.com Email: <mailto:[email protected]> [email protected] Tel: +1 978-696-1788 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#5243): https://lists.spdx.org/g/Spdx-tech/message/5243 Mute This Topic: https://lists.spdx.org/mt/100200766/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
