Training > Open Source Best Practice > Generating a Software Bill of Materials (LFC192)
Training Course

Generating a Software Bill of Materials (LFC192)

Learn to identify the minimum elements for a Software Bill of Materials (SBOM) and how they can be coded up, and get an overview of some of the open source tooling that is available to support the generation and consumption of an SBOM.

Course Rating
4.2/5 Stars
Who Is It For

This is an introductory course designed for directors, product managers, open source program office staff, security professionals, and developers.
read less read more
What You’ll Learn

A Software Bill of Materials can be used to support the systematic review of known security vulnerabilities in open source components and approval of each component’s license terms to clarify the obligations and restrictions as it applies to the distribution of the analyzed software, thus reducing risk. This course will help you understand what the minimum data elements are for a SBOM and the reasoning behind why those elements are included. It will also provide guidance on where to find tools that will let you generate and validate SBOMs.
read less read more
What It Prepares You For

Having an accurate view of the software being imported and used in systems has become increasingly important as we see more vulnerabilities emerge in the supply chain. By generating a SBOM, we’re able to help with efficient analysis for security, licensing, and other use cases. This course will give you foundational knowledge about the options and the tools available for generating SBOMs, and will help you understand the benefits of adopting SBOMs and how to use them to improve your ability to respond to cybersecurity needs.
read less read more
Course Outline
Chapter 1. Course Introduction
Chapter 2. Software Bill of Materials (SBOMs)
Final Exam

No prior training or knowledge is required to take this course.
Dec 2022
All around, the new specifications of control and analysis of Software (Security and analysis) is very interesting. Open chain is the other new element that I discovered in this journey.
Dec 2022
It's a good beginner-friendly overview of the current situation with SBOMs. I like that it also presented alternatives to Linux Foundation's SBOM solution. The tutor was well-prepared, and answered all questions well.
Oct 2022
The presentation was well-designed, and met the requirement.
Sep 2022
This is very needful training.
Sep 2022
The contents showed me there is more that I could learn about software development, and how to document my work.
Sep 2022
It was an eye-opener on software development, and how you can both document and secure your software for easy maintenance.