Supply Chain Security and Security Automation Data
lost in a maze of XML and JSON
Marcus was born in 1973. He studied computer science in Erlangen, Germany, and graduated with a Diploma. He worked for Caldera from 1999 until the closure of the Caldera Linux business in 2002. He has worked for SUSE since 2002, and in the security team since 2004. He led the team until the beginning of 2013 and is now the security project manager. He is also part of the openSUSE Maintenance team and works on a lot of openSUSE packages. In his spare time he is a gphoto (digital camera access library) and Wine developer.
In recent years the number of vulnerabilities, and the number of systems, installations or containers a single sysadmin has to oversee, has grown beyond what any human can manage.
The best help here is more automation in various places, which needs to be driven by automation-consumable data.
We will look at two primary areas: the automation data provided by SUSE for security fixes and, very new, the inventory data, or "Software Bill of Materials (SBOM)".
The talk will go over the various formats, what SUSE offers and their purposes, and also give an outlook on improved, or even additional, automation data formats.
- 2023 May 27 - 15:00
- 30 min
- openSUSE Conference 2023