#sbom

Adrian Diglio 22 May 2023 6 min read

A secure software supply chain represents another facet of Microsoft's built-in security to enhance and maintain trust in our products. It’s a continuation of the journey we embarked upon since the launch of Security Development Lifecycle (SDL) in 2004 and represents our commitment to continually enhance Microsoft’s foundational security. The post The Journey to Secure the Software Supply Chain at…

engineeringmicrosoft1esexecutive ordersbomsdl

Danesh Kumar Badlani, Adrian Diglio 12 Jul 2022 2 min read

We are excited and proud to open source our software bill of materials (SBOM) generation tool. A key requirement of the Executive Order on Improving the Nation’s Cybersecurity, SBOMs are lists of ingredients that make up software components, providing software transparency so organizations have insight into their supply chain dependencies. Our SBOM tool is a […] The post Microsoft open…

engineeringmicrosoft1esdevsecopssbomsecure supply chain

Adrian Diglio 13 Oct 2021 5 min read

In this post, Adrian Diglio walks us through how Microsoft is planning to generate SBOMs not just to meet the U.S. Presidential Executive Order on Improving the Nation's Cybersecurity, but for all software that Microsoft produces. The post Generating Software Bills of Materials (SBOMs) with SPDX at Microsoft appeared first on Engineering@Microsoft.

engineeringmicrosoft1esdevsecopsexecutive ordersbom