The museum of old and new architectures I am involved with has forced me to look into safeguarding them. For instance, an old dependency can acquire a CVE, or a solid open-source project can switch to a commercial license. This is where the concept of a Software Bill of Materials (SBOM) came into existence: it catalogs the dependency and license ecosystem of a system. This build artifact is then analyzed to determine whether its constituent components are:
- Vulnerable to exploitation, or
- Licensed under unacceptable terms, such as overly commercial or restrictive licenses.
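The two checks listed above are the core of SBOM analysis, so here is an added example of how they look in code. It is not from the original article or any SBOM tool: it parses a constructed CycloneDX JSON SBOM with hypothetical package names, compares each component against a constructed advisory list (the `EXAMPLE-ADV-*` identifiers are placeholders, not real advisories) and against an assumed SPDX license allowlist. Real pipelines would pull the advisory data from a feed such as OSV or the NVD rather than a hard-coded list.

```python
"""Analyze a CycloneDX SBOM for known-vulnerable and policy-violating components."""
import json

# Constructed sample SBOM (CycloneDX 1.5 JSON). Package names, versions and
# licenses are hypothetical and do not describe any real project.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "version": 1,
    "components": [
        {"type": "library", "name": "example-http", "version": "1.4.2",
         "purl": "pkg:pypi/example-http@1.4.2",
         "licenses": [{"license": {"id": "Apache-2.0"}}]},
        {"type": "library", "name": "example-yaml", "version": "0.9.0",
         "purl": "pkg:pypi/example-yaml@0.9.0",
         "licenses": [{"license": {"id": "MIT"}}]},
        {"type": "library", "name": "example-crypto", "version": "2.0.1",
         "purl": "pkg:pypi/example-crypto@2.0.1",
         "licenses": [{"license": {"id": "SSPL-1.0"}}]},
        {"type": "library", "name": "example-utils", "version": "3.1.0",
         "purl": "pkg:pypi/example-utils@3.1.0"},  # no license declared
    ],
})

# Constructed advisory feed: (purl without version, fixed-in version,
# hypothetical advisory id). Every version below "fixed-in" is affected.
ADVISORIES = [
    ("pkg:pypi/example-yaml", "1.0.0", "EXAMPLE-ADV-0001"),
    ("pkg:pypi/example-http", "1.4.0", "EXAMPLE-ADV-0002"),  # 1.4.2 is already fixed
]

# Assumed license policy: SPDX identifiers the organisation accepts.
ALLOWED_LICENSES = {"MIT", "Apache-2.0", "BSD-3-Clause", "ISC"}


def parse_version(v):
    """Turn '1.10.0' into (1, 10, 0) so it compares numerically, not as a string."""
    return tuple(int(p) for p in v.split("."))


def split_purl(purl):
    """Split 'pkg:type/name@version' into ('pkg:type/name', 'version')."""
    base, _, version = purl.rpartition("@")
    return base, version


def find_vulnerable(components, advisories=ADVISORIES):
    """Return {purl: [advisory ids]} for components older than the fixed-in version."""
    hits = {}
    for comp in components:
        base, version = split_purl(comp["purl"])
        for adv_base, fixed_in, adv_id in advisories:
            if base == adv_base and parse_version(version) < parse_version(fixed_in):
                hits.setdefault(comp["purl"], []).append(adv_id)
    return hits


def find_license_violations(components, allowed=ALLOWED_LICENSES):
    """Return {purl: reason} for components whose license is missing or not allowed."""
    violations = {}
    for comp in components:
        entries = comp.get("licenses", [])
        ids = [e["license"]["id"] for e in entries
               if "license" in e and "id" in e["license"]]
        if any("expression" in e for e in entries):
            # Compound SPDX expressions ("MIT OR GPL-2.0-only") need a real
            # expression evaluator; flag them for manual review instead.
            violations[comp["purl"]] = "license expression requires review"
        elif not ids:
            violations[comp["purl"]] = "no license declared"
        elif not all(i in allowed for i in ids):
            bad = ", ".join(i for i in ids if i not in allowed)
            violations[comp["purl"]] = "disallowed license: " + bad
    return violations


def analyze(sbom_json):
    """Run both checks over a CycloneDX JSON document and return the findings."""
    bom = json.loads(sbom_json)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX SBOM")
    comps = bom.get("components", [])
    return {
        "vulnerable": find_vulnerable(comps),
        "license_violations": find_license_violations(comps),
    }


if __name__ == "__main__":
    import pprint
    pprint.pprint(analyze(SAMPLE_SBOM))
```

On the sample data this flags `example-yaml` 0.9.0 as vulnerable (below the fixed-in 1.0.0) while `example-http` 1.4.2 passes because it is at or above its fix, and it reports `example-crypto` for its disallowed license and `example-utils` for declaring none. Note the numeric version comparison: a string comparison would wrongly rank "1.10.0" below "1.9.0", which is a classic source of false negatives in home-grown SBOM checks.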
This article will explain how to control such vulnerabilities using:
This article has been indexed from DZone Security Zone