The latest articles on DEV Community by Dave Bechberger (@bechbd). https://dev.to/bechbd https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1415348%2Fcf7609b3-b739-40c4-899a-d57adc26f35a.png https://dev.to/bechbd en Dave Bechberger Tue, 09 Apr 2024 20:37:15 +0000 https://dev.to/bechbd/analyzing-software-supply-chain-security-with-graph-analytics-551h https://dev.to/bechbd/analyzing-software-supply-chain-security-with-graph-analytics-551h <p>If you look at XZ utils or Log4j, it has become clear that serious software vulnerabilities are not isolated incidents. <br> While the origin of the issues differ, anyone who has had to track down the impact of these problems knows that finding the impact and remediating them is a time-consuming process. Software Bill of Materials (SBOM) help with specific applications but understanding and risking the overall impact is difficult. </p> <p>I have recently integrated SBOM ingestion into Nodestream to help with this problem, and allow you to gain more complete visibility into software components and dependencies.</p> <p>If you're interested in more details, please check out the recent blog post on <a href="https://lnkd.in/dSzFpj8D">Software Vulnerability Analysis using SBOMs, Amazon Neptune, and Nodestream</a>.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flvlw8yda9mha0oxnituj.jpeg" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flvlw8yda9mha0oxnituj.jpeg" alt="Image description" width="565" height="425"></a></p> database security tutorial