mindit.io logo
    • retail
      • / retail

        Retail industry, mindit.io

        In the intricate world of retail, mindit.io stands out as your strategic ally.

    • banking
      • / banking
        Woman using a card payment terminal, retail sector, mindit.io

        We partner with European banks on AI transformation, data-platform modernization, and regulatory-grade integration across Benelux, DACH, and UK.

    • financial services
      • / financial services

        Financial services: mindit.io data and AI

        Custom software and data platforms for asset managers, payments providers, and insurers across DACH and the US.

    • healthcare
      • / healthcare

        Doctor with digital tablet in hospital, healthcare sector, mindit.io

        ML and integration solutions for hospitals, health-tech platforms, and national health systems, including Switzerland’s national health sector.

    • hospitality
      • / hospitality
        Hospitality: mindit.io data and AI

        Operational and guest-experience software for hotels, restaurants, and global travel groups.

    • foodtech
      • / foodtech
        Burger and fresh salad, food and beverage sector, mindit.io

        Product engineering for the food industry: from plant-based configurators to supply-chain analytics.

    • manufacturing
      • / manufacturing
        Aerial view of industrial conveyor belt, manufacturing sector, mindit.io

        Industrial software, IoT integration, and data platforms for manufacturers modernizing operations.

    • publishing
      • / publishing
        Publishing: mindit.io AI solutions

        ML platforms and editorial workflow systems for publishers, including Izzard Ink Publishing.

    • real estate
      • / real estate
        Modern residential buildings at dusk, real estate sector, mindit.io

        Property tech and data analytics for real-estate operators and asset managers.

    • telco
      • / telco
        Person using smartphone, telecom sector, mindit.io

        Telecom-grade software for network optimization, customer-facing apps, and AI-driven insights.

    • / company
    • about us
      • / about us

        mindit.io partners and people
        The partner of choice for data & product engineering to drive business growth & deliver an impact within your organization
    • product engineering
      • / product engineering
        We specialize in Software Product Engineering, transforming your concepts into impactful products.
    • technology
      • / technology
        mindit.io AI Native company
        250+ specialists skilled in software, BI, integration, offering end-to-end services from research to ongoing maintenance.
    • methodology
      • / methodology
        Custom software solutions, mindit.io
        We specialize in software product engineering, transforming your concepts into impactful products.
    • careers
      • / careers
        Careers at mindit.io
        Our team needs one more awesome person, like you. Let’s grow together! Why not give it a try?
    • do good
      • / do good
        mindit.io team member do good ESG initiatives by the sea
        We’re a team devoted to making the world better with small acts. We get involved and always stand for kindness.
    • events
      • / events
        From Databricks’ Data + AI Summit to Day-to-Day: How the Latest Announcements Impact Real Deployments – Live Webinar
    • blog
      • / blog
        Databricks Just Moved the Goalposts. Here’s What That Means for Your Team.
        Databricks just rebuilt the data stack for AI agents. Here is what Retail and Banking should do about it.
    • contact us
      • / contact us
        Request a mindit.io webinar
        We would love to hear from you! We have offices and teams in Romania and Switzerland. How can we make your business thrive?
  • / get in touch

helping enterprises become AI-native organizations

In-Depth Radiography of an SBOM vulnerability scanner (VIDEO)

Log4Shell and SpringShell served as poignant reminders that a substantial portion of the code integrated into our systems does not originate from us, emphasizing the significant responsibility placed on the maintainers we rely on.

The issuance of Executive Order 140028 by the US President brought the imperative need for bolstering the nation’s cybersecurity into the public spotlight. This directive marked the inception of the SBOM frenzy, which gained further momentum with the introduction of the Securing Open Source Software Act of 2022 by Congress. As if that was not enough, the EU joined the movement toward supply chain security with the release of the NIS2 directive.

Fantastic! We now possess the ultimate solution to address all supply chain issues: the Software Bill Of Materials (SBOM). Does this mean our work is complete?

Regrettably, that is not the case. Effectively harnessing the power of SBOMs necessitates acquiring knowledge about:

  • What information an SBOM can provide and how it can assist us.
  • Which tools are suitable for SBOM utilization.
  • How to effectively utilize these tools.
  • Understanding their functionality and operation.
  • Familiarity with related formats.

This session will address each of these questions comprehensively. We will delve into the inner workings of SBOMs and elucidate how they facilitate more efficient vulnerability resolution compared to dependency scanning.

Additionally, we will explore how SBOMs offer broader protection. We will also discuss where SBOMs fit within your DevSecOps pipeline and the valuable intelligence they can offer to various stakeholders within your organization, ranging from technical to legal domains.

The practical examples presented will focus on the following:

  • Syft: For SBOM generation and transformations (converting between different formats).
  • Grype vs. Bomber: For vulnerability scanning and intelligence gathering.


Interested in learning more about mindit.io and how we can help you and your business thrive through software product engineering? Drop us a line, or follow us on LinkedIn for our latest updates!

Log4Shell and SpringShell served as poignant reminders that a substantial portion of the code integrated into our systems does not originate from us, emphasizing the significant responsibility placed on the maintainers we rely on.

The issuance of Executive Order 140028 by the US President brought the imperative need for bolstering the nation’s cybersecurity into the public spotlight. This directive marked the inception of the SBOM frenzy, which gained further momentum with the introduction of the Securing Open Source Software Act of 2022 by Congress. As if that was not enough, the EU joined the movement toward supply chain security with the release of the NIS2 directive.

Fantastic! We now possess the ultimate solution to address all supply chain issues: the Software Bill Of Materials (SBOM). Does this mean our work is complete?

Regrettably, that is not the case. Effectively harnessing the power of SBOMs necessitates acquiring knowledge about:

What information an SBOM can provide and how it can assist us.
Which tools are suitable for SBOM utilization.
How to effectively utilize these tools.
Understanding their functionality and operation.
Familiarity with related formats.

This session will address each of these questions comprehensively. We will delve into the inner workings of SBOMs and elucidate how they facilitate more efficient vulnerability resolution compared to dependency scanning.

Additionally, we will explore how SBOMs offer broader protection. We will also discuss where SBOMs fit within your DevSecOps pipeline and the valuable intelligence they can offer to various stakeholders within your organization, ranging from technical to legal domains.

The practical examples presented will focus on the following:

Syft: For SBOM generation and transformations (converting between different formats).
Grype vs. Bomber: For vulnerability scanning and intelligence gathering.


Interested in learning more about mindit.io and how we can help you and your business thrive through software product engineering? Drop us a line, or follow us on LinkedIn for our latest updates!

Distribute:

/turn your vision into reality

The best way to start a long-term collaboration is with a Pilot project. Let’s talk.