Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use?
Segment Resources:
https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/
Steve guides teams in both the strategy and execution of secure software development. He integrates security throughout the entire development lifecycle, leading efforts in threat modeling, secure architecture and design, static, dynamic, and component analysis, offensive research, and defensive programming.
Steve’s passionate about helping organizations identify and reduce risk from the software supply chain. He is an open source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS), and Chairs the OWASP CycloneDX Core Working Group and Ecma International TC54.
Steve serves as Vice Chair on the Board of Directors of the OWASP Foundation where he helps drive the continued growth of the foundation and the pursuit of its mission to make secure software a reality through open collaboration, education, and innovation.
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
