Sign in to confirm you’re not a bot
This helps protect our community. Learn more

Introduction to OmniBOR

Microsoft Developer
588K subscribers
<__slot-el>
<__slot-el>
5.4K views 1 year ago
Supply Chain requirements got you down? Getting an endless array of false positives from you ‘SBOM scanners’ ? Spending more of your time proving you don’t have a ‘false positive’ from your scanners than fixing real vulnerabilities in your code? There has to be a better way. There is. Come hear about a new way to capture the full artifact dependency graph of your software, not as a ‘scan’ after the fact, but as an output of your build tools themselves. Find out when this feature is coming to a build tool near you. Find the latest info about the open-source OmniBOR project available at: https://github.com/OmniBor Learn more about OmniBOR and join the community at https://omnibor.io/community/ 00:00:00 Introduction 00:00:41 Where vulnerabilities are coming from 00:03:09 Artifact Dependency Graph 00:07:11 What OmniBOR does 00:12:11 Get Started 00:13:18 Celebrate Maintainer Month 📆 GitHub Maintainer Month - https://maintainermonth.github.com 📌 Let's connect: Ed Warnicke |   / @omnibor   Frank Boucher |   / @fboucheros   Subscribe to the Open at Microsoft: https://aka.ms/OpenAtMicrosoft Open at Microsoft Playlist: https://aka.ms/OpenAtMicrosoftPlaylist New episode every Tuesday! ...more
...more
Introduction to OmniBOR
61Likes
5,418Views
2023May 29
Supply Chain requirements got you down? Getting an endless array of false positives from you ‘SBOM scanners’ ? Spending more of your time proving you don’t have a ‘false positive’ from your scanners than fixing real vulnerabilities in your code? There has to be a better way. There is. Come hear about a new way to capture the full artifact dependency graph of your software, not as a ‘scan’ after the fact, but as an output of your build tools themselves. Find out when this feature is coming to a build tool near you. Find the latest info about the open-source OmniBOR project available at: https://github.com/OmniBor Learn more about OmniBOR and join the community at https://omnibor.io/community/ 00:00:00 Introduction 00:00:41 Where vulnerabilities are coming from 00:03:09 Artifact Dependency Graph 00:07:11 What OmniBOR does 00:12:11 Get Started 00:13:18 Celebrate Maintainer Month 📆 GitHub Maintainer Month - https://maintainermonth.github.com 📌 Let's connect: Ed Warnicke |   / @omnibor   Frank Boucher |   / @fboucheros   Subscribe to the Open at Microsoft: https://aka.ms/OpenAtMicrosoft Open at Microsoft Playlist: https://aka.ms/OpenAtMicrosoftPlaylist New episode every Tuesday!

Follow along using the transcript.

Microsoft Developer

588K subscribers