Open source code is the main concern for SBOMs. So, why are so many of the available solutions proprietary software or proprietary data?
Use DejaCode instead! DejaCode is a new open source tool to manage all your SBOMs in one place and ensure software supply chain integrity:

- Export, import, merge, and combine SBOMs, with detailed attribution documentation and custom reports in multiple file formats and standards, like SPDX.
- Apply usage policies and curated catalogs to enforce the consistent use of open source packages across teams and projects for licenses, provenance, and vulnerabilities.
- Run reports and analytics with a consistent view of packages, licenses, and security risks across products.

In this talk, Philippe will discuss how DejaCode enables low-effort, low-friction open source compliance automation across teams with different mandates - all while using open source software.