We’ve great presentations planned for Thursday and the July meeting. Note, due to the the first week of July being a big vacation week in the US, we’ll push the July meeting a week to July 13.
Today’s special presentation: Getting directed and actionable insights from your SBOMs from GUAC With the rise of the popularity of SBOMs, more and more consumers of software are asking the question of what to do with them? For most, the large amounts of data now streaming in can be overwhelming. GUAC helps to organize that data and acts as a telescope to what's important. With GUAC, organizations can ingest SBOMs and other software metadata documents from different formats and sources and query them through an assembled knowledge graph. In addition, today, there is both too much data, but also sometimes a lack of data where it matters. GUAC, as a platform, provides the ability to augment SBOM data with other data sources and threat intelligence to get a more holistic view of the supply chain. Brandon Lum Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). Brandon is a Co-chair of the CNCF Security TAG, and as a part of Google's Open Source Security Team, he works on improving the supply chain security of the Open Source ecosystem through efforts around supply chain knowledge graphs - GUAC, SBOMs, and VEX. Previously at IBM Research, Brandon worked on various security areas such as: Container content protection via encryption and image signing, identity, and kernel attack surface reduction. Michael Lieberman Michael Lieberman is a Chief Technology Officer at Kusari focused on technology transformation especially with regards to cloud native architectures, technologies and migrations. Most recently he has been focused on work within the software supply chain security space. He is co-chair of the CNCF Financial Services User Group, SLSA steering committee member, and recently co-lead the Secure Software Factory Reference Architecture for the Security Technical Advisory Group. Michael has also participated in multiple podcasts, panels and talks on behalf of the FSUG, the companies he’s worked for and on behalf of himself as an individual contributor in the tech community. Meeting Time: Thurs, June 1, 8am PT / 10 am CT / 11am ET / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.timeanddate.com_worldclock_converter.html&d=DwMGaQ&c=DPL6_X_6JkXFx7AXWqB0tg&r=CGsG_HWslMnHmDRZngTUv7VswbuEgSDQQD-XjX0ZZFc&m=aTno2MdPkEyWeFF6NtTVsvkwhro4X8E0ghAjdiaNKPY&s=ZE9sYJcHMoEO3g5qrPPuiKU0gFK7mMjd9Km_ClCNBbU&e=> Conf call dial-in: Join the meeting: https://meet.jit.si/SPDXGeneralMeeting<https://urldefense.com/v3/__https:/www.google.com/url?q=https*3A*2F*2Fmeet.jit.si*2FSPDXGeneralMeeting&sa=D&ust=1619537013292000&usg=AOvVaw224M4IF9lZQ--a36gO3Lwh__;JSUlJQ!!A4F2R9G_pg!I3GFzBfRfUyGZhkyTIdNNgY2TQsTIZL85F0ubPgWSv4TkuBYAzJmtyCci41BGCiD_0k$> To join by phone instead, tap this: +1.512.647.1431,,1310118349#<tel:+15126471431,1310118349> Looking for a different dial-in number? See meeting dial-in numbers: https://meet.jit.si/static/dialInInfo.html?room=SPDXGeneralMeeting<https://urldefense.com/v3/__https:/www.google.com/url?q=https*3A*2F*2Fmeet.jit.si*2Fstatic*2FdialInInfo.html*3Froom*3DSPDXGeneralMeeting&sa=D&ust=1619537013292000&usg=AOvVaw0CFb1socSljscXVhl5wU_R__;JSUlJSUlJQ!!A4F2R9G_pg!I3GFzBfRfUyGZhkyTIdNNgY2TQsTIZL85F0ubPgWSv4TkuBYAzJmtyCci41BhDXVXvs$> If also dialing-in through a room phone, join without connecting to audio: https://meet.jit.si/SPDXGeneralMeeting#config.startSilent=true<https://urldefense.com/v3/__https:/www.google.com/url?q=https*3A*2F*2Fmeet.jit.si*2FSPDXGeneralMeeting*23config.startSilent*3Dtrue&sa=D&ust=1619537013292000&usg=AOvVaw0KXqpP-XHq4V1GzN9CrPgS__;JSUlJSUl!!A4F2R9G_pg!I3GFzBfRfUyGZhkyTIdNNgY2TQsTIZL85F0ubPgWSv4TkuBYAzJmtyCci41B0qALsVU$> Etherpad for minutes: https://spdx.swinslow.net/p/spdx-general-minutes Administrative Agenda Attendance Minutes Approval: https://github.com/spdx/meetings/blob/main/general/2023-05-04.md Steering Committee Update Special Presentation Technical Team Report – Kate/Gary/Others * Specification and Profiles * Overview * Core * Legal * Integrity * Defects * Usage and Other Emerging * Tooling Legal Team Report – Jilayne/Steve Outreach/Website Team Report – Alexios/Bob -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1691): https://lists.spdx.org/g/spdx/message/1691 Mute This Topic: https://lists.spdx.org/mt/99219632/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/21656/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
