Technical Summary
To improve cybersecurity posture, automation is necessary to locate
what software is running on a device, whether that software has known
vulnerabilities, and what, if any recommendations suppliers may have.
This memo extends the MUD YANG model to provide the locations of
software bills of materials (SBOMS) and to vulnerability information.
Working Group Summary
No, it seemed to go smoothly, and got a few good WG last call reviews.
Document Quality
The authors indicate that they are working on an implementation.
Personnel
Rob Wilton is the Responsible AD
Qin Wu is the Doc Shepherd.