VEXing SBOMS

In this video, we’re lucky to have Tom Alrich, Leader of OWASP SBOM Forum project, who wrote the book “Introduction to SBOM and VEX,” along with his close associate, Steve Springett, Chair of the OWASP CycloneDX Bill of Materials Standard. These are two major OWASP efforts underway to solve the naming problem with VEX documentation, and a standard framework for the software supply chain with CycloneDX.