The Open Source Way

The Growing Importance of Software Bills of Materials (SBOM)


Listen Later

In this episode, our host Karsten Hohage talks to Max Mehl and Sebastian Wolf about Software Bills of Materials or SBOMs. An SBOM is a detailed record of all components within a software application, including open-source libraries, third-party dependencies and licenses. Max and Sebastian discuss the importance of SBOMs as well as some challenges and unanswered questions of the state of the art. They also speak with Karsten about SBOMs within SAP and Deutsche Bahn and the importance of SBOMs when it comes to open source.

Guests:

Max Mehl

Max has been committed to free and open-source software for many years. He is responsible for all aspects of open source at DB Systel. In this role, he supports Deutsche Bahn in using and contributing to open source professionally. He previously worked for the Free Software Foundation Europe (FSFE), where he coordinated initiatives such as REUSE and “Public Money? Public Code!”. He is a board member of FSFE and F-Droid and is involved in several projects as a maintainer.

  • GitHub: https://github.com/mxmehl
  • Mastodon: https://mastodon.social/@mxmehl
  • LinkedIn: https://www.linkedin.com/in/mxmehl/
  • Twitter: https://twitter.com/mxmehl
  • Blog: https://mehl.mx/blog/
  • Website: https://mehl.mx/

Sebastian Wolf

Sebastian is a development architect and has worked for the SAP OSPO since the beginning of 2020. He first joined SAP in 2003 as a student and has since worked in several development positions at, for example, SAP SRM, ABAP Development Tools, the SAP Community Network, and Central Architecture. He was engaged in the Corona-Warn-App project as a community manager from the very beginning and is now coordinating open-source consumption topics in the SAP OSPO.

  • Twitter: https://twitter.com/Ygriega
  • GitHub: https://github.com/Wunderfitz

Show Notes:

  • Slides: SBOMs – A short introduction · todogroup/ospology · Discussion #376 (github.com)
  • Software Bill of Deliveries (SBOD)
    • Episode 34: Open Component Model (OCM) – Describe, Transport, Deploy
    • https://ocm.software/
  • SBOM Everywhere
    • Open Source Security Foundation (OpenSSF) – SBOM Everywhere – Special Interest Group
    • SBOM Everywhere and the Security Tooling Working Group: Providing the Best Security Tools for Open Source Developers (Blog)
  • How SAP paved the road for 30k+ developers – PlatformCon 2023 (Video)
  • OSS Review Toolkit – https://github.com/oss-review-toolkit/ort
  • SPDX – https://spdx.dev/
  • CycloneDX – https://cyclonedx.org/
  • Deutsche Bahn Open Source: https://opensource.deutschebahn.com
  • SAP Open Source Program Office
    • SAP Open Source at SAP Community
    • SAP Open Source Twitter (@sapopensource)
    • e-mail – [email protected]

Additional Downloads

  • Download the transcript as PDF-file

Hosted by Karsten Hohage – Product Expert in Technology and Innovation (T&I)

  • LinkedIn: https://www.linkedin.com/in/karsten-hohage-0180312/

The post The Growing Importance of Software Bills of Materials (SBOM) first appeared on The Open Source Way.

The Open Source Way, by SAP SE