I’ve been thinking about continuous SBOM diffing for a while, but the subject appears to be even more important than I initially thought. Yesterday (November 11, 2025) I attended the SBOMit workshop, which was part of KubeCon NA 2025. SBOMit is an OpenSSF project that deals with SBOM correctness, validity and verification. Specifically, the demo… Continue reading SBOM Diffing: Next Frontier for Supply Chain Security
Tag: Cybersecurity
Release Metadata Organization Model
Here I would like to describe a model for how we organize the storage of release metadata for technology products. This methodology is part of Reliza’s new project, ReARM. It may apply to software, hardware, or a mix of the two. I Problem Statement Various regulator requirements are either mandating already or are…