Platform engineering is the discipline of designing and building toolchains and workflows that enable self-service capabilities for software engineering organizations in the cloud-native era.

Platform Engineering

Hello Everyone - My presentation on Software Supply Chain Security is here: <https://platformcon.com/talk/a-different-kind-of-s3-first-line-security-of-the-supply-chain> Hopefully you find it interesting and useful.  I'm available to discuss  and answer questions in this channel.  Looking forward to getting your feedback and comments. Thanks!

<@U03K34T0MA8> with SBOMs being reactive, aren't the proactive, since I would get the SBOM before I deploy my code anyway ? I thought I would get it before even adding it locally ?

Love the shoutout to <https://github.com/kelseyhightower/nocode>

<@U03GMT74WLC> Your point is valid. I was trying to convey they are reactive in a sense that an SBOM is a static historical build record for a given software artifact that doesn't "naturally" reflect dependency changes that have occurred since that build occurred.  For immutable images that is OK and important and valuable. However, it's important to monitor dependencies indicated by these SBOMs to anticipate  impending changes for future builds. This is the proactive part Im trying to convey. Maybe I could find a better way to make that point more clearly. Thanks for your comment.