1. Intro
2. What is SBOM?
3. SBOM Ecosystem: Dedicated to Standardizing SBOMs and Building a Data Foundation for a Secure Software Supply Chain
4. Response to the Vulnerability in Log4j: Continuously Enhance Community Governance Capabilities Centering on Vulnerability Awareness, Locating, and Remediation
5. Poisoning Attacks Bring Huge Risks to the Software Supply Chain
6. Challenges in the Trustworthy Software Supply Chain Still Persist
7. An Overview of Trustworthy Software Supply Chain Solution
8. Security Vulnerability Disclosure Models
9. Early Awareness of Security Vulnerabilities is Unavailable
10. Early Awareness of Critical Vulnerabilities Based on Contrastive Learni
11. Early Detection Technology for Security Defect Reports (MemVul)
12. Proactive Vulnerability Discovery by Scanning Similar Vulnerability Features
13. Correct the Version Information of Software with CVEs
14. CVE Fixing Patch Identification
15. Locate Components with CVEs
16. Package Name Confusion Detection
17. Community Monitoring and Risk Control Technologies
18. Early Detection of High-Risk Vulnerabilities
19. Binary Vulnerability Scanning for Open Source Software
20. Effective Malicious Code Identification
21. Next Step: Software Asset Management
Description:
Explore the critical aspects of software supply chain security and transparency in this SIGSOFT webinar. Delve into the concept of Software Bill of Materials (SBOM) and its role in building a trusted software supply chain (TSSC). Examine recent progress in SBOM generation and consumption, vulnerability management, and supply chain attack prevention. Gain insights into silent vulnerability bug reports and fixes identification, vulnerability detection, and CVE improvement. Learn about future directions for TSSC and the challenges that persist in the field. Benefit from the expertise of Dr. Xin Xia, director of the software engineering application technology lab at Huawei, as he shares his research on intelligent software engineering, mining software repositories, and empirical software engineering. Engage with moderator Dr. Xing Hu, assistant professor at Zhejiang University, specializing in intelligent software engineering and software supply chain management.

From SBOM to Trusted Software Supply Chain - How Far Are We?

Association for Computing Machinery (ACM)