Merged
34 changes: 18 additions & 16 deletions content/community-days/2025.md
Expand Up @@ -296,22 +296,24 @@ and the CSAF Management System [ISDuBA](https://github.com/ISDuBA/ISDuBA).

#### Speaker: Simon Heidrich (Weichwerke Heidrich Software)

**Abstract:** BOMnipotent is a server-client application pair for managing supply
chain security documents, specifically SBOMs and CSAF documents. It
contains an access management system based on roles and TLP labels, and
acts as a CSAF Trusted Provider. The development focus is on security,
reliability and ease of use. The client is free to use, but fully
operating the server requires a paid subscription for commercial
entities. For non-commercial entities, BOMnipotent is completely free in
all its facets.

**Bio:** I, Simon Heidrich, am a long time developer with a passion for
Rust and Cybersecurity. Born 1992 in Duisburg, my background includes a
study of theoretical physics in Heidelberg. In 2022, a while after my PhD,
I became employed at AUNOVIS GmbH as a software engineer. There, I later
took on the role and responsibilities of the Cybersecurity Officer. In
2024 I founded the sole proprietorship Weichwerke Heidrich Software to
develop BOMnipotent.
**Abstract:** BOMnipotent is a server-client application pair for managing
SBOMs and CSAF documents. It contains an access management system based on
roles and TLP labels, and acts as a CSAF Trusted Provider. The development
focus is on security, reliability and ease of use. The client is free to use,
but fully operating the server requires a paid subscription for commercial
entities. For non-commercial entities, BOMnipotent is completely free in all
its facets. This demo focuses on BOMnipotent Client, demonstrating how it
concisely displays data about various aspects of supply chain security documents.
It will also cover BOMnipotent's answer to the problem of matching SBOM
components with CSAF advisories. The presentation ends with CWEnum, an open-source
Rust library for completely local CWE interactions like compile-time checks and deserialisation.

**Bio:** Simon Heidrich is a software developer with a passion for Rust and
Cybersecurity. Their background includes a study of theoretical physics at
Heidelberg University. After leaving academia, Simon became employed at AUNOVIS
GmbH as a software engineer. There, they later took on the role and responsibilities
of the Cybersecurity Officer. In 2024 Simon founded Weichwerke Heidrich Software
to develop BOMnipotent.

{{< /session-card >}}

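Review bot: The new abstract introduces CWEnum as "an open-source Rust library" without a link, while the preceding session entry links its project inline (`[ISDuBA](https://github.com/ISDuBA/ISDuBA)`); linking CWEnum, and BOMnipotent itself, in the same way would let readers reach the source directly. The added paragraphs are also wrapped unevenly: lines such as "Rust library for completely local CWE interactions like compile-time checks and deserialisation." run well past the width used by the rest of the block, so a re-wrap to one consistent column would keep future diffs of this file small. Two wording points in the same text: the abstract calls the session "This demo" and then "The presentation", and the bio capitalises "Cybersecurity" mid-sentence outside the "Cybersecurity Officer" title.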