Hello Everyone,
BCG officially released SAG-PM V 2.0.0. This is the first time BCG/REA has released a product with the SPDX V 2.3 SBOM in JSON format, and successfully uploaded the SPDX SBOM to CISAs RSAA portal as part of the secure software attestation process following "Secure by Design" principles and CISAs Secure Software Assurance Buyers Guide practices (announced on June 12 by CISA Director Easterly). Thanks very much to Gary for all the help getting the SPDX V2.3 JSON SBOM format produced by SAG-PM tools to pass online validation. Very much appreciated, Gary. BCG has registered to demonstrate SAG-PM V 2.0.0 and the SAG-CTR "Trust Registry" (an IETF SCITT conceptual implementation) at CISAs SBOM-o-Rama on September 12 in Denver, Colorado. Hoping to see friends and colleagues in Denver. Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T <https://businesscyberguardian.com/> https://businesscyberguardian.com/ Email: [email protected] Tel: +1 978-696-1788 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#5662): https://lists.spdx.org/g/Spdx-tech/message/5662 Mute This Topic: https://lists.spdx.org/mt/106783499/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
