Re: [open-regulatory-compliance] EU CRA SBOM suggestions

Thanks, Dick.

Could you add the relevant resources to the spreadsheet?

https://docs.google.com/spreadsheets/d/1Y36Vueb3Eo_djOuRdpyzoCS1vzGaKpjP-99g3J6rw7Y/edit?gid=0#gid=0

--tobie


On Mon, Feb 17, 2025 at 5:26 PM Dick Brooks via open-regulatory-compliance <open-regulatory-compliance@xxxxxxxxxxx> wrote:

The EU CRA also refers to the use of SBOMs in Annex I.

 

I’ve compiled a set of findings and opinions from working with SBOMs for software supply chain risk management (SCRM) since 2018 that may be useful as documents are being constructed guiding SBOM usage and expectations for the EU CRA:

https://energycentral.com/c/iu/facts-and-opinions-about-sbom-implementation-and-adoption

 

I welcome your thoughts and feedback.

 

Thanks,

 

Dick Brooks

  

Active Member of the CISA Critical Manufacturing Sector,

Sector Coordinating Council – A Public-Private Partnership

 

Never trust software, always verify and report!

Risk always exists, but trust must be earned and awarded.™

https://businesscyberguardian.com/

Email: dick@xxxxxxxxxxxxxxxxxxxxxxxxx

Tel: +1 978-696-1788

 

 

_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org
