Lab 3: Trusted Profile Analyzer (TPA)
Overview
Trusted Profile Analyzer (TPA) ingests SBOMs (Software Bill of Materials) and vulnerability data to produce trust profiles for your software artifacts. It helps you understand the security posture of your software before and after deployment.
In this section you will complete the TPA-focused module from the TL3 lab.
Trusted Software Supply Chain with TPA (Module 8)
Complete Module 8: Trusted Software Supply Chain with TPA in the TL3 lab.
This module covers:
-
Correlating data across software artifacts
-
Uploading SBOMs and other software artifacts to TPA
-
Analyzing the security posture of your software
-
Examining licensing compliance
Summary
You have used TPA to analyze your software supply chain, assess vulnerabilities, and review licensing compliance.
Next Steps
Proceed to End-to-End TSSC Pipeline to bring everything together.