Free and open source (FOSS) code is the essence of modern software. Therefore it is imperative to track FOSS across the supply chain(s) for provenance, licensing, composition and dependencies, security and vulnerability, quality, obsolescence and sustainability. And of course, open source demands open source tooling. In this webinar we’ll explore the state and trends in open source tooling and automation:
- The range of tooling & automation domains and how they are served by leading FOSS tools
- The key trends and insights for supply chain management tooling and SBOMs
- New and upcoming FOSS tools
- How to leverage these and participate to create better, more secure software more efficiently
Watch this recorded webinar on tooling in the software supply chain, Tooling: Software Supply Chain Management Automation with “open source on open source”, by nexB co-founder and CTO Philippe Ombredanne. In this second episode of the webinar series on software supply chain management, Philippe Ombredanne discusses tooling. At the 32-minute mark he provides live demos of ScanCode, a server to script and automate the process of Software Composition Analysis, and VulnerableCode, a free and open database of software package vulnerabilities.
Ready to learn more?
- Scan your codebase with ScanCode
- Find software vulnerabilities with VulnerableCode
- Start automating compliance with DejaCode