Explore a groundbreaking research initiative by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) aimed at enhancing critical infrastructure protection through open-source software (OSS) prevalence efforts. Delve into the development of an end-to-end methodology designed to identify, analyze, and risk-assess IT and OT devices on networks. Learn how this ambitious project aims to parse individual software and firmware components, identify OSS within each layer, and generate cyber vulnerability scores. Discover the potential for creating and managing Software and Firmware Bills of Materials (SBOMs and FBOMs) to track and update devices based on vulnerability disclosures from CISA and other authoritative sources. Gain insights into this crucial capability that promises to revolutionize OSS management and bolster cybersecurity across critical infrastructure sectors.
DHS Supporting Critical Infrastructure Through Open-Source Software Prevalence Effort
Overview
Syllabus
DHS Supporting Critical Infrastructure Through Op... - Scott Andersen & Juan Lopez & Olga Livingston
Taught by
Linux Foundation
Tags
Related Courses
-
Japan's Critical Infrastructure - Open Source Evolution in Software Development
-
What's in a Name - Vulnerabilities, SBOMs, and the Challenge of Software Identity
-
SBOMs, VEX, and Kubernetes - Software Supply Chain Security in Cloud Native Environments
-
Generating Software Bill of Materials Through Hardware Hacking - A Case Study of Bob the Minion Router
-
How to Reduce CVE Noise with VEX - Vulnerability-Exploitability eXchange
-
From Log4shell to OpenSSL - Reflections on a Year of Open Source Software Security
