Security Weekly
Application Security WeeklySubscribe

Dad Jokes – ASW #88

This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at the NTIA US Department of Commerce, to talk about the Software Bill of Materials! In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile Framework Partners in Efficacy, WhiteSource acquires & open sources Renovate dependency update toolset, and Java vs. Python: Which should you choose?

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Software Bill of Materials (SBOM) – Allan Friedman – ASW #88

Allan Friedman is the Director of Cybersecurity Initiatives of NTIA (National Telecommunication and Information Administration) US Dept of Commerce. The problem: unknown software supply chain. Following a newly identified software risk, very few firms can answer the simple question: Am I affected? An overview of the solution: what is an SBOM, and how is it used. Where we are: some background on why the govt is doing this, the results thus far, and where we are going next. Potential to discuss regulation, govt policy, etc.

Guest

Allan Friedman
Allan Friedman
Director of Cybersecurity Initiatives at NTIA (National Telecommunication and Information Administration) US Dept of Commerce

Dr. Allan Friedman is Director of Cybersecurity at the National Telecommunications and Information Administration in the US Department of Commerce. He coordinates NTIA’s multi-stakeholder processes on cybersecurity, convening cross-sector working groups with a focus on resilience in a vulnerable ecosystem. This has included pioneering government engagement on coordinated vulnerability disclosure, IoT security, and software component transparency. Prior to joining the Federal government, Friedman spent over 15 years as a noted cybersecurity and tech policy scholar at Harvard’s Computer Science Department, the Brookings Institution and George Washington University’s Engineering School. He is the co-author of the popular text Cybersecurity and Cyberwar: What Everyone Needs to Know, has a degree in computer science from Swarthmore College and a PhD in public policy from Harvard University.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
John Kinsella
John Kinsella
Co-founder & CTO at Cysense

Related

Cloud Security
Splunk Acquisition and The Blob with Allie Mellen – ESW #333

This week, we changed things up a bit for the news segment and Allie Mellen joins us as a surprise guest host! We discuss Cisco's Splunk acquisition and what it means for Splunk customers, and "The Blob" - Allie's term describing the negative forces responsible for much of the overhyped marketing, silly trends, and substandard products we see in th...