Online / 5 & 6 February 2022


D.dependency


Day | Start | End | Track(s)
Sunday | 10:00 | 18:00 | Software composition and dependency management

Events

Title | Track | Start | End

Sunday

Devroom introduction | Software composition and dependency management | 10:00 | 10:05
Package URL and Version range spec: Towards mostly universal dependency resolution | Software composition and dependency management | 10:05 | 10:20
How OSPOs can help secure the software supply chain | Software composition and dependency management | 10:20 | 10:40
Developing an open source license compliance project: our trials, tribulations and achievements | Software composition and dependency management | 10:40 | 11:00
How to manage OSS license obligations and SBoM by SW360's new features | Software composition and dependency management | 11:00 | 11:20
Panel 1: Processing Dependencies and Compositions and Software | Software composition and dependency management | 11:20 | 12:00
Break | Software composition and dependency management | 12:00 | 12:20
Scanning for known vulnerabilities in an embedded distribution: A return on experience from the Eclipse Oniro project | Software composition and dependency management | 12:20 | 12:40
Reporting vulnerabilities within a complex software environment: Using the CVE-Bin-Tool | Software composition and dependency management | 12:40 | 13:00
Commoditising Open Source Risk Management: First Open Source SCA Platform | Software composition and dependency management | 13:00 | 13:20
Panel 2: Dependencies for Vulnerability Discovery and Tracking | Software composition and dependency management | 13:20 | 14:00
Lunch Break | Software composition and dependency management | 14:00 | 14:20
Generating SBOM for your code using OSS Review Toolkit | Software composition and dependency management | 14:20 | 14:40
SBOM Resolver - Generating detailed SBOMs for Alpine | Software composition and dependency management | 14:40 | 15:00
FASTEN: Fine-Grained Analysis of Software Ecosystems as Networks | Software composition and dependency management | 15:00 | 15:20
Panel 3: Creating SBOMs | Software composition and dependency management | 15:20 | 16:00
On Backporting Practices in Package Dependency Networks | Software composition and dependency management | 16:20 | 16:40
Operationalize SBOM with OWASP Dependency-Track | Software composition and dependency management | 16:40 | 17:00
Tracking Software Dependencies | Software composition and dependency management | 17:00 | 17:20
Panel 4: Software Compositions and Dependency Tools | Software composition and dependency management | 17:20 | 18:00