2022-03-29 BusinessWire – Anchore to Contribute Grype Open Source Vulnerability Data to the Global Security Database

2022-04-26 Threatpost – Firms Push for CVE-Like Cloud Bug System

2022-05-20 TheNewStack – SBOM Everywhere: The OpenSSF Plan for SBOMs

2022-06-08 SC Magazine – Security leaders call for centralized database to help standardize bug disclosure for the cloud

2022-06-14 DARK Reading – Google: SBOMs Effective Only if They Map to Known Vulns

2022-08-02 CSOOnline – How OpenSSF Scorecards can help to evaluate open-source software risks