Hello World+ projects to test and benchmark software composition analysis tools - OCX 2024

Channel:
Eclipse Foundation
Subscribers:
24,000
Published on ● Video Link: https://www.youtube.com/watch?v=zJEg2qitPtE


Duration: 0:00
25 views
1

From detecting vulnerable dependencies to performing automated open source license compliance to creating machine-readable SBOMs, organizations have an ever increasing interest in using high-quality software composition analysis (SCA) tools on their projects. This will become an even more important topic with the requirements of the upcoming EU Cyber Resilience Act. Such SCA tools are available as both open source projects and proprietary vendor products, but how can a user establish how well they are performing on a particular setup? This talk will open with our experience at Bosch in handling a heterogeneous environment with a multitude of programming languages and package managers. It will then focus on an idea we presented at the OpenChain Tooling Group to have open source Hello World+ projects which could enable testing and benchmarking SCA tools on different programming languages and package managers.



Other Videos By Eclipse Foundation


2024-12-05Data Trustees: A Whitelisting Approach for Trusted Data Sharing
2024-12-05Introducing Typir: Type Checking for the Web! - OCX 2024
2024-12-05Data Spaces as a Collective Action to Create an Infrastructure for the Data Economy
2024-12-05A catalyst for EuropeaN ClOUd Services in the era of data spaces,high-performance and edge computing
2024-12-05Getting Started with the OSGi Feature Launcher - OCX 2024
2024-12-05The MobiSpaces Manifesto on Mobility Data Spaces
2024-12-05European Data Strategy: From data spaces to platforms with decentralised intelligence
2024-12-05Privacy-Friendly Sharing of Health Data Using a Reference Architecture for Health Data Spaces
2024-12-05Automating Cybersecurity Compliance in DevSecOps with Open Information Model for Security as Code
2024-12-05Data Management and Exchange between a Meta-Orchestration Platform and Data Spaces
2024-12-02Hello World+ projects to test and benchmark software composition analysis tools - OCX 2024
2024-12-01The future of cybersecurity, today: Free and open source tools for CRA compliance for SMEs - OCX 24
2024-12-01Thingweb's Next Chapter: How we are scaling our Project for better IoT and Digital Twin Applications
2024-12-01Can We Adopt Eclipse IoT Projects on Android Embedded Devices? - OCX 2024
2024-12-01Cooperation Between Two OS Foundations to Build a Global Interoperable Ecosystem - OCX 2024
2024-12-01A Better Way to Teach Open Source Software Engineering - OCX 2024
2024-12-01Good Governance Initiative: Translating Is User Oriented, and How It's Done Involving the Community
2024-11-27Revealing… OCX 2026: Where Are We Heading Next?
2024-11-27Relive the Magic: OCX 2024 Aftermovie
2024-11-24Eclipse Dataspace Community Call 2024
2024-11-24What is the Eclipse Dataspace WG up to with ISO/IEC?