Training > Open Source Best Practice > Generating a Software Bill of Materials (LFC192)
Training Course

Generating a Software Bill of Materials (LFC192)

Learn to identify the minimum elements for a Software Bill of Materials (SBOM) and how they can be coded up, and get an overview of some of the open source tooling that is available to support the generation and consumption of an SBOM.

Course Rating
4.3/5 Stars
Who Is It For

This is an introductory course designed for directors, product managers, open source program office staff, security professionals, and developers.
read less read more
What You’ll Learn

A Software Bill of Materials can be used to support the systematic review of known security vulnerabilities in open source components and approval of each component’s license terms to clarify the obligations and restrictions as it applies to the distribution of the analyzed software, thus reducing risk. This course will help you understand what the minimum data elements are for a SBOM and the reasoning behind why those elements are included. It will also provide guidance on where to find tools that will let you generate and validate SBOMs.
read less read more
What It Prepares You For

Having an accurate view of the software being imported and used in systems has become increasingly important as we see more vulnerabilities emerge in the supply chain. By generating a SBOM, we’re able to help with efficient analysis for security, licensing, and other use cases. This course will give you foundational knowledge about the options and the tools available for generating SBOMs, and will help you understand the benefits of adopting SBOMs and how to use them to improve your ability to respond to cybersecurity needs.
read less read more
Course Outline
Chapter 1. Course Introduction
Chapter 2. Software Bill of Materials (SBOMs)
Final Exam

Prerequisites
No prior training or knowledge is required to take this course.
Reviews
Sep 2023
This class really opened my eyes to a whole variety of SBOM issues that I'd never thought about. I was concerned about identifying software authors who use pseudonyms or email addresses, and how to trace them. I found a whole world of other issues beyond that. This is really going to help me face new compliance requirements from Executive Order 14028.
Aug 2023
Great overview of initiatives and available specifications and tools.
Jul 2023
Knowing about SBOM was new to me, and it was very useful information to know. The instructor was very knowledgeable in SBOM.
Jun 2023
Clear information, and good use cases.
May 2023
Great overview of Software Bill of Materials, along with the different standards.