SW360 is a Web application for managing the software bill-of-material ("SBOM") of software projects and products. It is an Eclipse project licensed under the EPL-2.0 and thus available for everybody as Open Source Software. The application has a Web UI and REST endpoints for entering or importing the SBOM from dependency or package management systems. In addition, the import of SBOM files using the SPDX spec is supported. Based on the imported SBOM or a software project, a number of functionality is possible, ref to management of vulnerabilities, license and trade compliance or statistics about component usage. The submitted talk introduces and presents SW360.
SW360 is an open source software project licensed under the EPL-2.0 that provides both a web application and a REST API to collect, organize and make available information about software components. It establishes a central hub for software components in an organization. SW360 allows for
Speakers: Smruti Prakash Sahoo Jaideep Palit Abdul Kapti