SBOMS for Evil: How Evil are they? – Larry Pesce – RSA24 #2
Software security is more critical than ever, with cyber threats continuing to evolve. SBOMs (Software Bills of Materials) provide an inventory of the components that make up a software package, including their versions and the dependencies between them. That transparency and visibility into the software supply chain lets organizations make informed decisions about the security of their applications. Join us to learn how SBOMs can enhance penetration testing, by taking “SBOMs for Good” and making them “SBOMs for Evil.”
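As an added illustration of the idea in the abstract (this is example code written for this page, not anything from the episode or from Finite State), the script below reads a CycloneDX JSON SBOM and does what a tester would do with it: parse each component's package URL, match it against a vulnerability list, and walk the dependency graph to show which top-level component drags the vulnerable one in. The SBOM, the package names and the advisory ranges are all constructed for the example and do not describe any real software or real CVEs; the simple numeric version comparison is an assumption that suffices for dotted versions like these.

```python
"""Triage a CycloneDX SBOM for a pentest: inventory components, match them
against an advisory list, and trace how each vulnerable component is reached."""
import json
from collections import deque

# Constructed CycloneDX 1.5 JSON SBOM for a fictional application. Every package
# name and version below is made up for this example.
SAMPLE_SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {"component": {"bom-ref": "app", "type": "application",
                               "name": "acme-portal", "version": "2.3.0"}},
    "components": [
        {"bom-ref": "pkg:npm/acme-http@4.1.2", "type": "library", "name": "acme-http",
         "version": "4.1.2", "purl": "pkg:npm/acme-http@4.1.2"},
        {"bom-ref": "pkg:npm/acme-cookie@0.4.0", "type": "library", "name": "acme-cookie",
         "version": "0.4.0", "purl": "pkg:npm/acme-cookie@0.4.0"},
        {"bom-ref": "pkg:npm/acme-yaml@1.9.3", "type": "library", "name": "acme-yaml",
         "version": "1.9.3", "purl": "pkg:npm/acme-yaml@1.9.3"},
        {"bom-ref": "pkg:npm/acme-log@2.0.0", "type": "library", "name": "acme-log",
         "version": "2.0.0", "purl": "pkg:npm/acme-log@2.0.0"},
    ],
    "dependencies": [
        {"ref": "app", "dependsOn": ["pkg:npm/acme-http@4.1.2", "pkg:npm/acme-log@2.0.0"]},
        {"ref": "pkg:npm/acme-http@4.1.2", "dependsOn": ["pkg:npm/acme-cookie@0.4.0"]},
        {"ref": "pkg:npm/acme-log@2.0.0", "dependsOn": ["pkg:npm/acme-yaml@1.9.3"]},
        {"ref": "pkg:npm/acme-cookie@0.4.0", "dependsOn": []},
        {"ref": "pkg:npm/acme-yaml@1.9.3", "dependsOn": []},
    ],
})

# Constructed advisory data standing in for whatever vulnerability feed the tester
# uses: (purl type, name) -> (first affected version, first fixed version, note).
# These are not real advisories.
ADVISORIES = {
    ("npm", "acme-cookie"): ("0.0.0", "0.5.0", "cookie parser accepts unsigned values"),
    ("npm", "acme-yaml"): ("1.0.0", "1.9.3", "unsafe deserialization"),  # 1.9.3 is the fix
}


def parse_purl(purl):
    """Split 'pkg:type/[namespace/]name@version[?qualifiers][#subpath]' into (type, name, version)."""
    body = purl.split("pkg:", 1)[1]
    body = body.split("?", 1)[0].split("#", 1)[0]   # drop qualifiers and subpath
    ptype, _, rest = body.partition("/")
    if "@" in rest:                                  # scoped npm names encode '@' as %40
        name, version = rest.rsplit("@", 1)
    else:
        name, version = rest, ""
    return ptype, name, version


def parse_version(v):
    """Dotted version -> padded numeric tuple; non-numeric parts count as 0 (assumption)."""
    parts = []
    for piece in v.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def load_sbom(text):
    """Return (root bom-ref, components keyed by bom-ref, dependency adjacency list)."""
    bom = json.loads(text)
    root = bom["metadata"]["component"]
    components = {c["bom-ref"]: c for c in bom.get("components", [])}
    components.setdefault(root["bom-ref"], root)
    graph = {d["ref"]: list(d.get("dependsOn", [])) for d in bom.get("dependencies", [])}
    return root["bom-ref"], components, graph


def find_vulnerable(components, advisories):
    """Components whose purl version lies in [first affected, first fixed)."""
    hits = []
    for ref, comp in components.items():
        purl = comp.get("purl")
        if not purl:
            continue
        ptype, name, version = parse_purl(purl)
        adv = advisories.get((ptype, name))
        if adv is None:
            continue
        lo, hi, note = adv
        if parse_version(lo) <= parse_version(version) < parse_version(hi):
            hits.append((ref, note))
    return hits


def dependency_path(root, graph, target):
    """Shortest chain of bom-refs from the root component to target (BFS), or None."""
    queue, seen = deque([[root]]), {root}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for child in graph.get(path[-1], []):
            if child not in seen:
                seen.add(child)
                queue.append(path + [child])
    return None


def triage(sbom_text, advisories=ADVISORIES):
    """Vulnerable components plus the dependency chain a tester would follow to reach each."""
    root, components, graph = load_sbom(sbom_text)
    return [{"ref": ref, "note": note, "path": dependency_path(root, graph, ref)}
            for ref, note in find_vulnerable(components, advisories)]


if __name__ == "__main__":
    for item in triage(SAMPLE_SBOM_JSON):
        print(f"{item['ref']}: {item['note']}")
        print("  reached via:", " -> ".join(item["path"]))
```

Note the boundary: acme-yaml 1.9.3 is the first fixed version, so it is not reported, while acme-cookie 0.4.0 is flagged and traced back through acme-http to the application root. That transitive path is the information a tester actually wants from an SBOM: not just that a weak component exists, but which exposed feature pulls it in.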
Guest
A self-professed, lifelong “tinkerer and explorer,” Larry always wanted to know how things work. “I found myself getting to engage in deep dives of technology from an early age: My dad built the family television from a kit, and I helped. It caught fire. Twice. I helped fix it both times.”
The help and advice he received from the infosec community throughout his career inspired him to share what he had learned, to help others secure their networks and improve their craft. Part of that ongoing sharing has been as co-founder and co-host of the international award-winning Paul’s Security Weekly podcast for more than 19 years.
Larry has spent the last 15 years as a penetration tester, with much of that time focused on healthcare, ICS/OT, wireless, and IoT/IIoT/embedded devices; he now focuses his efforts on securing the software supply chain at Finite State.