Profile picture
, 11 tweets, 23 min read
My Authors
Read all threads
A quick NYE thread to acknowledge all the progress we've made on #SBOM and bringing transparency and better resilience to the software #supplychain this year, and all the folks who made it happen. 1/11

ntia.gov/SBOM
We made great progress in 2019 towards making #SBOM a reality. @NTIAgov published the first set of community-drafted documents to offer guidance around the practice of SW transparency, and we charted the course for our next steps in 2020 2/11 ntia.doc.gov/blog/2019/stak…
@NTIAgov None of this would be possible without incredible work from the community! There are too many stakeholders who helped draft docs, join calls, debate, and remind others how their corner of the ecosystem actual works to name in a thread, but I want to acknowledge a few 3/11
@NTIAgov .@joshcorman has been banging the drum on this for years, and has been patient in helping me understand the issue and its urgency. He helped lead the documentation on the real value #SBOM can have for so many different roles, across the entire SW supply chain 4/11
@NTIAgov @joshcorman .@zmanion and @jumpmichellegm1 have done such amazing work extracting a shared vision of what an #SBOM is from the hivemind, and created a vision of "rough consensus and running code" as well as a plan for tackling the further known challenges. 5/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 Critical work on bringing the operational perspective to bear for formats and tooling, led by the apparently inexhaustible @_kate_stewart from the @linuxfoundation and @jcherz with the modern org's supply chain risk approach. 6/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 @_kate_stewart @linuxfoundation @jcherz Many others have been thinking about this for a long time, and sharing their thoughts about how we can make this vision real, such as @bitwatcher's vision of change in the complex world of enterprise software and @stevespringett's work in @owasp and application security 7/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 @_kate_stewart @linuxfoundation @jcherz @bitwatcher @stevespringett @owasp So many people are needed to effect change across an entire ecosystem, and we were helped by folks like @_odddie_ stepping up to run a working group and give talks, and @USSJoin rolling up sleeves to help create a translator tool 8/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 @_kate_stewart @linuxfoundation @jcherz @bitwatcher @stevespringett @owasp @_odddie_ @USSJoin Significant change depends on supporters and boosters like @its_a_lisa, @apporima, @brysonbort, @sushidude and of course @beauwoods bringing @iamthecavalry and the @defcon Villages 9/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 @_kate_stewart @linuxfoundation @jcherz @bitwatcher @stevespringett @owasp @_odddie_ @USSJoin @its_a_lisa @apporima @brysonbort @SushiDude @beauwoods @iamthecavalry @defcon To everyone I've left off, or couldn't find the twitter @handle for, please accept my humble apologies and heartfelt thanks. 10/11
@NTIAgov @joshcorman @zmanion @jumpmichellegm1 @_kate_stewart @linuxfoundation @jcherz @bitwatcher @stevespringett @owasp @_odddie_ @USSJoin @its_a_lisa @apporima @brysonbort @SushiDude @beauwoods @iamthecavalry @defcon @Handle Supply chain security will be one of THE big cybersecurity issues of 2020, in DC, the Valley, and around the world. #SBOM is a key part, and we will be able to build on that transparency for more tools, businesses, and services. Plenty of work to get done--ping me to join in! /11
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Allan Friedman

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#SBOM #supplychain

Related threads

Profile picture
Peter Salisbury
@peterjsalisbury
So, the Riyadh Agreement (RIP, Jeddah Agreement) between STC and Hadi gov still hasn't been signed but a ceremony is reportedly imminent and a draft of what is the near-final text has now been distributed widely. Some quick thoughts (#Thread).
Draft is made up of a series of cascading/staggered national / local political and security arrangements aimed at integrating STC/southern secessionist political and affiliated forces into national defence/security structures. In return, STC participates in UN-led consultations.
If successful, the agreement solves two short-term problems:
- It prevents a war-within-a-war between STC and Hadi government
- It provides more credibility to future government negotiating platform with the Huthis.
Great!
Read 10 tweets
Profile picture
Okechukwu Ifeora
@isocroft
So, my thread on how to choose databases for your web apps starts in 20 minutes time. Hope y'all are ready ?However, this time i would love it to be an interactive session where we can learn from each other about database preferences for specific web apps and the use case
#thread
This is what we want to talk about today. Take a really good look at the image below. Study it well. Also notice the words at the 3 vertexes of the triangle. CONSISTENCY, AVAILABILITY & PARTITION-TOLERANCE (Big English - but fear not, we shall demystify all and it'll all be easy)
If we also look at the image in the previous tweet on this thread we can see some popular databases placed at certain sides of the triangle. It is important to note also the positioning of some of a particular point on each side. We shall discuss this in more detail soon. #thread
Read 48 tweets
Profile picture
Cas Mudde ⚠️
@CasMudde
My favorite (political) country held elections again and the results are both defeat and victory for Alexis Tsipras, outgoing PM. Some quick thoughts. #Thread #greekelections2019
1. There was never any doubt mainstream right New Democracy (ND) was going to win elections, and parliamentary majority was also long expected (biggest party gets bonus of 50 seats!).
2. ND will have solid majority and, at least, starts in fairly positive circumstances... economy bad but not terrible, Macadonia issue "solved", business and politics have to have reliable ND back (although both warmed up significantly towards Tsipras in past years).
Read 16 tweets
Profile picture
Saiswaroopa
@Sai_swaroopa
#Thread #Kurukshetra #Analytics #Mahabharata
Started a fun project of mine today. Recording the duels of Kurukshetra war in an excel sheet in anticipation of some interesting pattern. Watch this space for interesting tidbits. Full exercise may take quite a while
Interesting Results! #Kurukshatra #Analytics. So many duels without a declared result on Day One
Could record two general battles and 26 duels on Day One. Only 6 of those duels ended decisively. Pandava side suffered horribly in the hands of Bhishma. Uttara killed in the hands of Shalya. Saving grace being Abhimanyu countering Bhishma and winning over Brihadbala #Kurukshetra
Read 432 tweets
Profile picture
ArchRABBIshop Ifeanyi 😎😎
@kenifeanyii
The POWER Of An EFFECTIVE Prayer

#Thread
#UnveilingScriptures
James 5:16 says “the effectual fervent prayer a righteous man availeth much”

The AMPC puts it like this “the earnest ,heartfelt , continued prayer of a righteous man makes tremendous prayer available, dynamic in its working
I particularly love how it is rendered in the TPT “ for tremendous power is released through the passionate , heartfelt prayer of a godly believer “

Hallelujah

In other words , when a righteous man man prays, tremendous power is released . Not just power but tremendous one💥
Read 81 tweets
Profile picture
Ade Obasa
@Ade_Obasa
CARRY YOUR MARKET ON YOUR HEAD

Let me ask you this question.

In 2018, HOW MUCH did you make with this your Attitude of

"this is who I am"
"we don't talk in our house"
"I am a very shy person"
"I don't like to broadcast myself"???

#Thread
How much?

Not to worry, if you made so much money from them, but if not, you must change!

Nothing will change in your life if you keep doing the same thing!

If you're a very quiet and reserved person, there's a very high tendency that you may find it difficult to make money
Don't get me wrong. I know you'll be saying, "what about Dangote?" My friend, be patient and understand me first.

Dangote is a reserved and quiet person, but with crazy business ideas. He's only quiet in looks and nature but not quiet in actions and words.
Read 11 tweets

Trending hashtags

#JamalKhashoggi #Facebook #ClimateChange #Agenda21 #Senkaku #maritime #Myanmar #YuanWang #DeccanGymkhana #basketball #transparency #GGI #deer #JustIn #schoolshouldnevergavethememail #ClimateEmergency #DetectingDeception #NewYearChallenge #DecadeofConcern #agriculture #climateaction #BuildingBridges #Pune #Manusmriti #Tennis
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!