This is my second post in SBOM series where I would explain why we chose CycloneDX over SPDX for our projects. The first post was focusing on the need to have more than one bill of materials to describe any particular product. I Introduction If you search the web or ask ChatGPT about CycloneDX vs… Continue reading Why We Chose CycloneDX Over SPDX
Category: Cybersecurity
Why a Single SBOM is Never Enough
As I become increasingly involved in SBOM generation and management, I plan to publish a series of posts exploring the current state of SBOMs, the key challenges, and how we at Reliza are addressing them. This is the first post in these series where I would like to discuss just how many SBOMs we actually… Continue reading Why a Single SBOM is Never Enough
Release Metadata Organization Model
Here I would like to describe a model on how we organize storage of release metadata for technology products. This methodology is a part of new Reliza’s project ReARM. This may refer to both software or hardware or a mix of the two. I Problem Statement Various regulator requirements are either mandating already or are… Continue reading Release Metadata Organization Model