Supply Chain Security and Security Automation Data (osc23)

In recent years the amount of vulnerabilities and also the amount of systems, installations or containers a single sysadmin has to oversee has grown beyond any human capable measures. The best help here is more automation in various places, which needs to be driven by automation consumable data. We will look at two primary areas, the automation data provided by SUSE for security fixes and also very fresh the inventory data, or "Software Bill of Materials (SBOM)". The talk will go over various formats, what SUSE offers and their purposes and also give some future look out on more improved or even more automation data formats. In recent years the amount of vulnerabilities and also the amount of systems, installations or containers a single sysadmin has to oversee has grown beyond any human capable measures. The best help here is more automation in various places, which needs to be driven by automation consumable data. We will look at two primary areas, the automation data provided by SUSE for security fixes and also very fresh the inventory data, or "Software Bill of Materials (SBOM)". The talk will go over various formats, what SUSE offers and their purposes and also give some future look out on more improved or even more automation data formats. about this event: https://c3voc.de