Overview
Learn how a major corporation successfully implements Software Bill of Materials (SBOM) collection and leverages them for enhanced vulnerability management in this DEF CON conference talk. Discover the practical approaches Schneider Electric used to modify policies and processes for collecting, generating, and storing thousands of SBOMs. Explore real-world applications through case studies of the Log4j and OpenSSL vulnerability events, demonstrating how SBOMs can streamline security response times. Gain valuable insights into overcoming common SBOM implementation challenges, along with key learnings and suggestions for improving your organization's vulnerability management practices through effective SBOM utilization.
Syllabus
DEF CON 32 - The Missing Link How we collect and leverage SBOMs - Cassie Crossley
Taught by
DEFCONConference