Friday, June 9, 2023

VEX Purpose and Use Cases

I’m pleased to report that I’ll be working with FOSSA, Inc. to develop blog posts and white papers on particularly important topics having to do with SBOM and VEX. If you don’t know FOSSA, they’re the only developer-native open source management platform. They have the broadest license inventory and vulnerabilities database available. Most interesting to me, the platform can be used to create, import, export and manage SBOMs.

I’m even more pleased to report that my first post for FOSSA, “VEX Purpose and Use Cases”, went live on their blog yesterday. It’s intended to be an introduction to the VEX concept for individuals who have some knowledge of SBOMs and vulnerability management. It includes discussions of the primary VEX use case, the fields in a VEX document, and what I see to be the future of VEX.

I recommend that you take a look at it! 

Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.

No comments:

Post a Comment