Careers, Security awareness

The Rise of the SBOM – Steve Springett – ESW #226

Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use?

Segment Resources:

https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/

Full episode and show notes

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Steve Springett
Steve Springett
Chair at CycloneDX SBOM Standard, Core Working Group

Steve educates teams on the strategy and specifics of developing secure software.

He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive programming techniques.

Steve’s passionate about helping organizations identify and reduce risk from the use of third-party and open source components. He is an open source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS) project, CycloneDX software bill of material standard, and participates in several related projects and working groups.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad