OASIS Open's push for a software supply chain standard: All together now?
Malware Analysis, News and Indicators - Latest topics malware.news
OASIS Open, a global open-source and standards organization, has announced the formation of a technical committee to standardize supply chain information models.
The aim of the Open Supply Chain Information Modeling (OSIM) technical committee is to build a unifying framework that sits on top of existing SBOM data models, such as CSAF, CycloneDX, OpenVEX, and SPDX. The framework isn't intended to replace current models, but rather to bring clarity to software supply chain partners, mitigate vulnerabilities and disruptions, reduce …