Explore the world of Software Bill of Materials (SBOM) in this informative 50-minute conference talk by Steve Springett, Sr Manager of Secure Software Engineering at ServiceNow. Dive into the importance of transparency in the software supply chain and learn effective strategies for utilizing the OWASP CycloneDX SBOM standard to make informed risk-based decisions. Discover the minimum elements of an SBOM as mandated by the White House Executive Order and understand why exceeding these requirements can be beneficial. Examine real-world use cases that demonstrate common software supply chain scenarios and how they can be represented and communicated using CycloneDX. Gain valuable insights into conquering the challenges of software supply chain security and leveraging SBOM to enhance your organization's risk management practices.
SBOM SmackDown - Conquering Software Supply Chain Risks with OWASP CycloneDX
Overview
Syllabus
SBOM SmackDown: Conquer dragons in the shadows with OWASP CycloneDX - Steve Springett
Taught by
OWASP Foundation
Related Courses
-
Supply Chain Risk Management with OWASP Dependency-Check
-
OWASP CycloneDX - Software Bill of Materials Standard
-
Secure Software Supply Chain for CSSLP®
-
Measure and Improve Software Supply Chain Assurance with OWASP SCVS
-
OWASP Dependency Track - Software Composition Analysis and Vulnerability Management
-
Software Bill of Materials (S-BoM) - Reducing Risk in Third-Party Components
