Loading…
25-27, August 2025
Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time, CEST (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right. 

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
Zero-Touch SBOM Generation: Secure Your Build From the Inside Out - Kaushlendra Pratap Singh & Gaurav Mishra, Siemens
Monday August 25, 2025 15:35 - 16:15 CEST
G001-002
In the world of continuous delivery, speed is everything - but security and compliance often lag. Open-source developers and DevOps engineers face a key challenge: how do you ship fast and stay audit-ready?

With SBOMs becoming mandatory under various regulatory Acts, compliance is no longer optional. This talk shows how to proactively integrate open-source tooling into your pipelines—securely, automatically, and at scale.

We’ll discuss how to bring compliance into the early stages of the software development lifecycle—using open-source tools that enable zero-touch, high-quality SBOM generation. Powered by the battle-tested FOSSology toolchain, these solutions integrate seamlessly into your CI/CD pipelines, whether you’re using GitHub Actions or GitLab CI.

It automates:

• Dependency scanning in Python and Node.js projects

• License and copyright detection

• SPDX SBOM generation in JSON, YAML, RDF, or Tag formats

• Seamless CI-native package scanning on every pull request

Lightweight, Docker-based, and already on Docker Hub and GitHub Marketplace, this tool makes compliance and SBOM generation effortless.
Speakers
avatar for Kaushlendra Pratap Singh

Kaushlendra Pratap Singh

Research Engineer, Siemens
Kaushlendra Pratap is a Research Professional at Siemens and a passionate advocate for open-source software. With nearly four years of experience in semantic web, license compliance, and machine learning, he has played a key role in contributing to and maintaining tools like FOSSology... Read More →
avatar for Gaurav Mishra

Gaurav Mishra

Research Engineer, Siemens
Gaurav Mishra, a Research Professional at Siemens, is a passionate advocate for open-source software. Leveraging his seven years of expertise in the domain of semantic web, license compliance and software architectures, he leads the SW360 & FOSSology organizations and drives inno... Read More →
Monday August 25, 2025 15:35 - 16:15 CEST
G001-002
  Cloud & Containers

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Need help? View Support Guides
Event questions? Contact Event Planner
©2025 Sched About Privacy Terms
Share Modal

Share this link via

Or copy link