Creating and Mantaining an SBOM with BlackDuck SCA with Najib

In this session, you’ll learn how to generate, manage, and continuously maintain a Software Bill of Materials (SBOM) using BlackDuck Software Composition Analysis (SCA).

This hands-on mentoring session will cover:

-Introduction to SBOM and its importance for security, compliance, and EU CRA/NTIA standards
-Setting up BlackDuck Detect CLI or integrations with build tools (e.g., Maven, Gradle, npm)
-Generating SBOMs in CycloneDX and SPDX formats
-Automating SBOM scans in CI/CD pipelines.
-Mapping SBOMs to CVEs, licenses, and policy violations
-Best practices for SBOM lifecycle management and compliance reporting

Perfect for DevSecOps engineers, AppSec specialists, and compliance professionals who want to implement secure and traceable open-source governance.