CycloneDX / specification

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
https://cyclonedx.org/
Apache License 2.0

Support for api-resolver as a technique #443

Open prabhu opened 2 months ago

prabhu commented 2 months ago

The documentation for swhid suggests including evidence for identity.

Often the swhid could be obtained by performing a search (manual and automated) on the official site https://archive.softwareheritage.org

Consider adding api-resolver as a technique, with the value being the full search URL used to retrieve the IDs.