Tuesday, December 5 • 14:00 - 14:40
SBOM Automation - Making Compliance Effortless by Consuming, Enriching, and Managing Software Bill of Material - Kouki Hama, Toshiba Corporation & Arun Azhakesan, Siemens Healthineers

Are you facing difficulties managing your software dependencies for license and security compliance in an automated way? In today's fast-paced digital landscape, staying compliant with software components and dependencies is paramount, and if you have found this challenging, this presentation will interest you. We will talk about how organizations can manage dependencies throughout their release cycle in an automated way, analyze and manage software licenses and vulnerabilities systematically with minimum effort, and stay compliant by consuming, enriching, and managing software bills of materials.

In particular, we will use ORT (OSS Review Toolkit) for scanning and discuss the generation of CycloneDX analysis files, along with their integration into SW360. Though our roadmap encompasses both license clearing and security, the primary focus of this talk will be on license clearing. We will also touch upon potential integrations, such as VulnerableCode, and the application of vulnerability scans to enrich the SBOM.

What will participants gain? Participants will gain an understanding of how to achieve continuous compliance with consistent SBOM management in an automated way, using a combination of OSS compliance tools such as the Linux Foundation’s FOSSology, ORT, and the Eclipse Foundation’s SW360 project.

Kouki Hama

Software Engineering Researcher, Toshiba Corporation
Kouki Hama is a researcher in software engineering at Toshiba Corporation. He researches open source compliance, processes, and the tools that support them. He is also a member of the OpenChain project Japan workgroup and one of the co-leaders of the Eclipse SW360 project.

Arun Azhakesan

Sr. Manager - Software Compliance, Siemens Healthineers
Arun Azhakesan leads the open source compliance activities at Siemens Healthineers. He is an active member of multiple open source communities that focus on developing open source-based tools for open source compliance.

Tuesday December 5, 2023 14:00 - 14:40 JST
Conference Room 6