![Larry���s Fun Dip: Exploring SBOMs For Fun And Profit
[46] - podcast episode cover](https://assets.metacast.app/images/episode/artwork/msAq8J7k)
Larry���s Fun Dip: Exploring SBOMs For Fun And Profit [46]
Feb 21, 2023•52 min•Ep. 46
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
Larry���s Fun Dip: Exploring SBOMs For Fun And Profit
Episode: 46 Published: 2/21/2023
What���s An SBOM Anyway?- An example calculator application only has four dependencies listed in its package.json file
- We���re looking at about 200 required modules to build K8s
- Log4shell, in particular, forced developers to evaluate hundreds or thousands of applications
- The organization that has worked to define what is included in an SBOM is the National Telecommunications and Information Administration
- The NTIA defines an SBOM at an abstract level
- There are upsides and downsides to both source-code and binary analysis and you can check out an excellent post by Andrew Hoog
- Turns Out, Microsoft���s AI Was Just As Bad As Google���s
- Web3 Continues to Go Great
- Just a reminder that it���s not just Twitter. Elon Musk is still failing at running Tesla, too
- But Also Elon Musk Is Terrible With Twitter Too
- The February updates to Windows Server 2022 ��� Break Windows Server 2022
- Amazon Employees Tasked with Mandatory Fun
Intro and outro music by James Bellavance copyright 2022
For the best experience, listen in Metacast app for iOS or Android