A quick NYE thread to acknowledge all the progress we've made on #SBOM and bringing transparency and better resilience to the software #supplychain this year, and all the folks who made it happen. 1/11

ntia.gov/SBOM
We made great progress in 2019 towards making #SBOM a reality. @NTIAgov published the first set of community-drafted documents to offer guidance around the practice of SW transparency, and we charted the course for our next steps in 2020 2/11 ntia.doc.gov/blog/2019/stak…
None of this would be possible without incredible work from the community! There are too many stakeholders who helped draft docs, join calls, debate, and remind others how their corner of the ecosystem actually works to name in a thread, but I want to acknowledge a few 3/11
.@joshcorman has been banging the drum on this for years, and has been patient in helping me understand the issue and its urgency. He helped lead the documentation on the real value #SBOM can have for so many different roles, across the entire SW supply chain 4/11
.@zmanion and @jumpmichellegm1 have done such amazing work extracting a shared vision of what an #SBOM is from the hivemind, and created a vision of "rough consensus and running code" as well as a plan for tackling the further known challenges. 5/11
Critical work on bringing the operational perspective to bear for formats and tooling, led by the apparently inexhaustible @_kate_stewart from the @linuxfoundation and @jcherz with the modern org's supply chain risk approach. 6/11
Many others have been thinking about this for a long time, and sharing their thoughts about how we can make this vision real, such as @bitwatcher's vision of change in the complex world of enterprise software and @stevespringett's work in @owasp and application security 7/11
So many people are needed to effect change across an entire ecosystem, and we were helped by folks like @_odddie_ stepping up to run a working group and give talks, and @USSJoin rolling up sleeves to help create a translator tool 8/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 @_kate_stewart @linuxfoundation @jcherz @bitwatcher @stevespringett @owasp @_odddie_ @USSJoin @its_a_lisa @apporima @brysonbort @SushiDude @beauwoods @iamthecavalry @defcon To everyone I've left off, or couldn't find the twitter @handle for, please accept my humble apologies and heartfelt thanks. 10/11
Supply chain security will be one of THE big cybersecurity issues of 2020, in DC, the Valley, and around the world. #SBOM is a key part, and we will be able to build on that transparency for more tools, businesses, and services. Plenty of work to get done--ping me to join in! /11
Keep Current with Allan Friedman