There will be lots of discussion regarding Vulnerability reporting, SBOM's and SBOM sharing with the US Government using the CISA RSAA portal.
If you are interested in US Government SBOM work and selling products to the US Government, then you should seriously consider attending this conference: The collection of CISA Secure Software Attestation forms begin June 8, 2024. https://www.eventbrite.com/e/innovations-in-ict-supply-chain-risk-management -conference-registration-890982100447 I have successfully shared SPDX and CycloneDX SBOM's with US Government agencies using the CISA RSAA portal and will talk about this capability during the conference. Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T <http://www.reliableenergyanalytics.com/> http://www.reliableenergyanalytics.com Email: <mailto:[email protected]> [email protected] Tel: +1 978-696-1788 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#5632): https://lists.spdx.org/g/Spdx-tech/message/5632 Mute This Topic: https://lists.spdx.org/mt/105986056/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
