Internship: Software Bill Of Material (SBOM) for ClickShare product (Security)

Apply now »

Date: Feb 26, 2025

Location: Kortrijk, BE

Company: Barco

Barco

Barco designs technology that makes everyday life a little better. Seeing beyond the image, we develop hardware, software, and service solutions to help you work together, share insights, and wow audiences. Our focus is on three core markets: Enterprise (from meeting and control rooms to corporate spaces), Healthcare (from the radiology department to the operating room), and Entertainment (from movie theaters to live events and attractions). Our solutions make a visible impact, allowing people to enjoy compelling entertainment experiences, to foster knowledge sharing and smart decision-making in organizations and to help hospitals provide their patients with the best possible healthcare. Headquartered in Kortrijk (Belgium), Barco has a global team of 3,000+ employees, whose passion for technology is captured in +500 granted patents. 

 

The task at hand 

With upcoming regulations, the creation of a Software Bill of Materials (SBOM) will become mandatory to be able to release (software) products to the markets. We can already create SBOM's for our products but cannot yet use them in an effective way (they require (partial) manual analysis). We would like to use our SBOM's to obtain automated CVE reporting by integrating analysis tooling into our pipelines that can upload an SBOM into Dependency-Track, and then make use of the API of Dependency-Track to report on newly found CVE's, as well as generating release reports for when a software version gets released to the public. 

Internship goals:

  • Create scripts that generate the SBOM on each build and upload it to our Dependency-Track instance 

  • Write tooling to query the Dependency-Track instance to: 

  • report any new CVE's with a sufficiently high score back to a group of people (i.e. Jira tickets, mail, Teams message, ...) 

  • generate/retrieve a report of open CVE's for a given firmware version

 

Qualifications

  • Android knowledge 

  • Security background

Furthermore, you should be a student in a technical discipline, eligible to work at our HQ in Kortrijk, Belgium.

Apply now »