Overview
Explore the world of Software Bill of Materials (SBOM) in this informative 50-minute conference talk by Steve Springett, Sr Manager of Secure Software Engineering at ServiceNow. Dive into the importance of transparency in the software supply chain and learn effective strategies for utilizing the OWASP CycloneDX SBOM standard to make informed risk-based decisions. Discover the minimum elements of an SBOM as mandated by the White House Executive Order and understand why exceeding these requirements can be beneficial. Examine real-world use cases that demonstrate common software supply chain scenarios and how they can be represented and communicated using CycloneDX. Gain valuable insights into conquering the challenges of software supply chain security and leveraging SBOM to enhance your organization's risk management practices.
Syllabus
SBOM SmackDown: Conquer dragons in the shadows with OWASP CycloneDX - Steve Springett
Taught by
OWASP Foundation