Subject: Re: [board-busdev-thought-leaders] OASIS Opportunity
CISA and the NSA recently released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. The very last sentence of the body of the document, in the "Conclusion: SBOM Consumption Today and Tomorrow" section, states:
- "A vendor neutral open standard set of risk factors that can be aggregated into risk scoring for SBOMs should be developed."

I would be willing to participate in (but not chair) a new TC to create the standard envisioned. I believe it only takes 5 people in 2 companies to justify starting a TC. Anyone else interested? My belief is that it would kick off a firestorm of activity and result in some new members as well as more participation from existing members. But if we are to do it, we need to move quickly.

--
Duncan Sparrell
sFractal Consulting
iPhone, iTypo, iApologize
I welcome VSRE emails. Learn more at http://vsre.info/