By Phil Odence Software Package Data Exchange® (SPDX®) is a standard format for describing a software bill of materials that supports a range of use cases, not least SBOMs to manage security vulnerabilities.  SPDX has been an open project under the auspices of the Linux Foundation for over a decade, all the time with the […]

Source: LXer – Why you should use SPDX for security