Thanks for sharing the info. Greatly appreciate it. Cordially, Mark P. Farrell, HQ Solutions Architect IV | 3055 Crescentville Rd, Rm 226 | Cincinnati, OH 45235-9998 Work ph: 513-733-7266; Cell: 513-260-2853
From: [email protected] <[email protected]> On Behalf Of Dick Brooks via lists.spdx.org Sent: Thursday, August 24, 2023 12:30 PM To: [email protected] Subject: [EXTERNAL] Re: [spdx] Completely new to this - link to SBOM data? CAUTION: This email originated from outside USPS. STOP and CONSIDER before responding, clicking on links, or opening attachments. Mark, You may want to reach out to the CISA ICT_SCRM Task Force for help. They have lots of materials available to help government entities with regard to SBOM, vulnerability management and implementation guidance. https://www.cisa.gov/resources-tools/groups/ict-supply-chain-risk-management-task-force Here is one useful document describing use cases involving SBOM - designed for SMB's but also appropriate for larger organizations: https://www.cisa.gov/sites/default/files/2023-01/Securing-SMB-Supply-Chains_Resource-Handbook_508.pdf Thanks, Dick Brooks [cid:[email protected]] [cid:[email protected]] Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership Never trust software, always verify and report!<https://reliableenergyanalytics.com/products> (tm) http://www.reliableenergyanalytics.com<http://www.reliableenergyanalytics.com/> Email: [email protected]<mailto:[email protected]> Tel: +1 978-696-1788 From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of Mark P. Farrell via lists.spdx.org Sent: Thursday, August 10, 2023 3:53 PM To: [email protected]<mailto:[email protected]> Subject: [spdx] Completely new to this - link to SBOM data? I'm very new to SBOM - understanding and this website - and arrived here after a redirect URL from Microsoft - Generating Software Bills of Materials (SBOMs) with SPDX at Microsoft - Engineering@Microsoft<https://devblogs.microsoft.com/engineering-at-microsoft/generating-software-bills-of-materials-sboms-with-spdx-at-microsoft/>. Is there a link here to help me get up to speed - with the website, quick background, and where the SBOM data is located? -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1751): https://lists.spdx.org/g/spdx/message/1751 Mute This Topic: https://lists.spdx.org/mt/100937778/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/21656/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
