ActiveState Blog

SBOMS & Attestations: US Government Deadlines for Implementation

The US government secure supply chain deadline for SBOMs and software attestations is June 2023. Find out how to meet the date.

ActiveState is officially retiring both Komodo IDE and Komodo Edit and open sourcing Komodo IDE. Learn what this means for you.

Learn the unique software supply chain threats you may encounter when developing software on popular cloud platforms.

Learn how a single open source toolchain can secure your software supply chain while reducing tooling overhead & environment inconsistency.

Learn how you can take your existing systems and convert them to SLSA-ready implementations in order to help secure your supply chain.

Learn how to comply with US government secure supply chain & software development requirements, including software attestations and SBOMs.

The US Government requires software vendors to provide self-attestation. Learn what attestations are and how to navigate these restrictions.

The US Government has restricted sales of software to those that can provide an SBOM. Learn how to auto-generate SBOMs for your software.

Pip install and pip download can compromise your system with malware. Learn how you can counter this software supply chain threat.

SLSA improves software supply chain security by providing a framework for sourcing and building software more securely. Learn how.

Securing your Ruby software supply chain from end to end means implementing import, build and usage controls. Learn how.

Learn how to reduce the costs of upgrading open source languages, as well as best practices when a programming language becomes EOL.