Olivier Benjamin
Olivier Benjamin is a security engineer with 13 years of experience. He
joined Bootlin in 2024. Prior to joining Bootlin, he worked in
various security roles: on the offensive side, doing vulnerability
research for the French firm Quarkslab and reverse engineering for the
French Ministry of Defence, as well as in incident response at AWS.
Session
We are happy to announce the first release of a brand new open-source project: sbom-cve-check, a lightweight CVE analysis tool for your Software Bill of Materials (SBOM). Written in Python, with minimal dependencies and a very simple workflow in mind, sbom-cve-check will parse your SBOM (SPDX v2.2 and SPDX v3.0 are currently supported) and, using publicly available databases of security vulnerabilities, generate a report of known security vulnerabilities affecting the software components listed in your SBOM.