Shows
Sushi BytesWhat’s in Your SBOM?Your software has a supply chain. Your SBOM is supposed to tell you what’s inside. But what makes a Software Bill of Materials truly useful; and why is everyone suddenly asking for one? In this episode of Sushi Bytes, Shinobi unpacks what an SBOM is, why regulatory pressure is turning it from best practice to business-critical and why spinning off “AI-BOMs” and “API-BOMs” just adds noise. Software is software. Let’s keep it simple… and get it right.
2025-11-1305 min
Exploited: The Cyber TruthWhat the 2025 SBOM Minimum Elements Mean for Software Supply Chain SecurityCISA and DHS have raised the bar for software transparency with the first major update to the Minimum Elements for an SBOM since 2021—expanding what every software supplier must disclose. But what does this really mean for developers, embedded system teams, and security leaders trying to protect critical infrastructure?
In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security’s Kelli Schwalm and CEO Joseph Saunders to unpack the technical and strategic impact of the 2025 SBOM draft.
Kelli explains key additions like component hashes, generation context, and transitive dependencies, and...
2025-10-2333 min
What's in the SOSS? An OpenSSF PodcastFrom Manager to Open Source Security Pioneer: Kate Stewart's Journey Through SBOM, Safety, and the Zephyr ProjectIn this episode of What’s in the SOSS, CRob has an inspiring conversation with Kate Stewart, a Linux Foundation veteran who took an unconventional path into open source as a manager rather than a developer, navigating complex legal challenges to get Motorola's contributions upstream. Now a decade into her tenure at the Linux Foundation, Kate leads critical initiatives in safety-critical open source software, including the Zephyr RTOS project and ELISA, while being instrumental in the evolution of SPDX and Software Bill of Materials (SBOM). She breaks down the different types of SBOMs, explains how the Zephyr project became a...
2025-09-2334 min
The DevOps Kitchen Talks’s PodcastDKT82 - Radar 32: AI-ассистенты, Observability, SBOM, UV/RenovateРазбираем Thoughtworks Technology Radar Vol.32: где Adopt/Trial/Hold и что реально полезно DevOps-командам в 2025. AI-ассистенты (Cursor, QCLI, Claude), Observability (OpenTelemetry, Alloy/Loki), безопасность (SBOM) и практичные инструменты.
О ЧЁМ ВЫПУСК
• Как читать Tech Radar и зачем он инженерам/архитекторам.
• AI-ассистенты для кодинга: опыт Copilot, Cursor, QCLI (Claude Sonnet), цены и риски.
• Observability сейчас: OpenTelemetry, Grafana Alloy, Loki v3, зачем это бизнесу.
• Безопасность: почему SBOM в Adopt и как это помогает на проектах.
• Архитектурные решения без бюрократии: ADR, ответственность команд.
• Инструменты из «Тулов»: UV (Python), Renovate, Vite, D2/JSON Crack, и где они заходят.
ССЫЛКИ
💰 Поддержать наш подкаст — https://www.patreon.com/c/devopskitchentalks
ПОДКАСТ
📹 YouTube — https://www.youtube.com/channel/UCXJ196NygANaBHg_KznKXag
🍏 Apple Podcasts — https://apple.co/41O6mqA
🎧 Spotify — https://t.ly/Jg5_2
📻 Yandex Music — https://music.yandex.ru/album/10151746
🎤 PodBean — https://devopskitchentalks.podbean.com
НАВИГАЦИЯ
00:00:00 Вступление и кто в выпуске
00:02:00 Мини-отчёт с конфы: лампово, но с фейлами техники
00:06:35 Что такое Tech Radar и зачем он DevOps
00:08:00 Секции и кольца: Adopt/Trial/Assess/Hold
00:11:20 Почему «брендовые тулы» редко попадают в раздел Tools
00:11:50 Что реально забрали из прошлых выпусков (Skopeo, доки, Karpenter)
00:15:20 Главная тема...
2025-09-101h 41
The SoftwarePlaza IT PodcastBeyond Compliance: Neil Levine Reveals How Anchore is Revolutionizing SBOM ManagementJoin us for an insightful conversation with Neil Levine, SVP Product at Anchore, as we dive into the evolving world of Software Bill of Materials (SBOMs).Discover how SBOMs are transitioning from mere compliance necessities to powerful tools for enhancing software supply chain security. Neil shares Anchore's latest product release, focusing on critical features like "Bring Your Own SBOM" for diverse SBOM management, and the innovative Anchore Rank for prioritizing vulnerabilities.Learn about the operational challenges organizations face with SBOM sprawl and quality, and get a glimpse into the future of SBOM insights and automation.
2025-07-2837 min
Daily Cyber Security NewsWhat Is an SBOMAn overview of cybersecurity SBOM, focussing on introduction to sbom
2025-05-0802 min
BuzzZoomSBOM
Was ist eigentlich SBOM (Software Bill of Materials)?
Veröffentlicht am 29.01.2025
Kommt in unseren Matrix Chat!
Links zu den Feeds
Unterstützen
NEU: BuzzZoom im Fediverse!
Software-Lieferkette – Wikipedia
Was ist SBOM
BSI – Schwachstelle in Java Bibliothek log4j
Software Package Data Exchange – Wikipedia
SPDX – Linux Foundation Projects Site
xkcd: Dependency
Musik von MDKIntro & Outro: MDK – Super Ultra (Smooth Jazz Remix)MDK auf YouTube
Der Beitrag BZ103 SBOM erschien zuerst auf BuzzZoom.de.
2025-01-2946 min
Nerding Out With Viktor (audio only)A deep dive into the SBOM format SPDX with Kate Stewart and Gary O'NeallIn this episode of "Nerding Out with Viktor," Kate Stewart from the Linux Foundation and Gary O'Neall, a long-time SPDX contributor, join Viktor to explore the evolution and impact of SPDX (Systems Package Data Exchange) in software transparency. The conversation traces SPDX's journey from its origins in license compliance to its current pivotal role in security and vulnerability tracking, revealing how this open standard is shaping modern software development practices.
Kate and Gary provide deep technical insights into the challenges teams face when generating accurate Software Bills of Materials (SBOMs), including complex scenarios involving circular dependencies and component...
2025-01-1750 minNerding Out With ViktorA deep dive into the SBOM format SPDX with Kate Stewart and Gary O'NeallIn this episode of "Nerding Out with Viktor," Kate Stewart from the Linux Foundation and Gary O'Neall, a long-time SPDX contributor, join Viktor to explore the evolution and impact of SPDX (Systems Package Data Exchange) in software transparency. The conversation traces SPDX's journey from its origins in license compliance to its current pivotal role in security and vulnerability tracking, revealing how this open standard is shaping modern software development practices.
Kate and Gary provide deep technical insights into the challenges teams face when generating accurate Software Bills of Materials (SBOMs), including complex scenarios involving circular dependencies and component...
2025-01-1750 min
SE CORNEREP178 - Software Bill of Materials (SBOM) คืออะไร?EP นี้เอาเรื่อง Software Bill of Materials (SBOM) มาเล่าให้ฟังกันครับ ว่ามันคืออะไร? เกิดมาเพราะอะไร? และมีประโยชน์อย่างไร? ไปลองฟังกันใน EP นี้ครับ
SBOM FAQ: https://www.cisa.gov/sites/default/files/2024-07/SBOM%20FAQ%202024.pdf
Apple Podcast: https://podcasts.apple.com/th/podcast/se-corner/id1579358417
Spotify: https://open.spotify.com/show/0hyZX5MY0khHqOY8NaEvUX
Google: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy82MDlmZjJiYy9wb2RjYXN0L3Jzcw==
Spotify for Podcaster: https://podcasters.spotify.com/pod/show/se-corner
YouTube: https://www.youtube.com/@secorner9359
Pocket: https://pca.st/5mzikb1e
Radio Public: https://radiopublic.com/se-corner-WRm71e
2024-12-2207 min
todo:cast - Developer PodcastFolge 103: Software Bill of Materials (SBOM)In dieser Folge werfen wir einen Blick auf die Software Bill of Materials (SBOM) – eine digitale Stückliste für Software, die detailliert auflistet, welche Komponenten und Abhängigkeiten in einer Anwendung verwendet werden. Wir besprechen, warum SBOMs immer wichtiger werden – von der Identifikation von Sicherheitslücken bis hin zur Einhaltung rechtlicher Vorgaben wie dem Cyber Resilience Act oder DORA. Außerdem diskutieren wir, welche Tools und Formate wie CycloneDX und SPDX bei der effizienten Erstellung unterstützen. Abschließend besprechen wir, wie SBOMs in den Entwicklungsprozess integriert werden können und welche Best Practices dabei helfen.
2024-12-0241 min
The ITSM Practice: Elevating ITSM and IT Security KnowledgeThe Importance of Software Transparency in SaaS: Why You Need an SBOMIn this informative episode of "The ITSM Practice," Luigi Ferri delves into the critical role of Software Bill of Materials (SBOM) in enhancing software security and building trust. He explains how SBOM acts as a comprehensive ingredients list for software, essential for tracking components and managing vulnerabilities like the infamous Log4j exploit. Luigi emphasizes the importance of SBOMs for regulatory compliance, risk management, and fostering trust with customers in SaaS environments.
In this episode, we answer to:
What is an SBOM and why is it compared to an ingredients list for...
2024-10-2907 min
IT-säkerhetspoddenSBOM i praktikenHöstens första podd från SIG Security är här! Som vanligt bjuds det på ett aktuellt ämne från en av föreläsningarna under en FOKUS-kväll. Det är Ronny Engelin som beskriver SBOM och hur det påverkar leverantörer som arbetar i öppen källkod. De kommande EU-reglerna i CRA (Cyber Resilience act) skall värna konsumenternas säkerhet avseende digitala produkter. Men vad innebär detta för företag och leverantörer? Och hur kan SBOM (Software Bill of Materials) nyttjas i sammanhanget? SBOM i praktiken innebär att IT-säkerhetspodde...
2024-08-2436 min
Der Industrie Podcast des VDMASBOM: Die Zutatenliste für SoftwareanwendungenRechtzeitige Vorbereitung ist wichtig, um digitale Produkte lückenlos weiter verkaufen zu können.
Mit dem Inkrafttreten des Cyber Resilience Act 2027 wird die Software Bill of Materials (SBOM) für Unternehmen verpflichtend. Die SBOM ist ein detailliertes Inventar aller Bestandteile einer Softwareanwendung und ermöglicht einen lückenlosen Überblick über die eingesetzten Komponenten. Der VDMA empfiehlt Unternehmen, sich frühzeitig vorzubereiten, um digitale Produkte weiterhin erfolgreich verkaufen zu können. In der neuesten Folge des VDMA Industrie Podcasts spricht Tobias Pfeiffer, Product Security Officer bei Festo, über die Chancen und Herausforderungen der Einführung einer SBOM. Maximilian Moser, Referent Industrial...
2024-08-1220 min
Left to Our Own DevicesBonus Episode: Dr. Allan Friedman Returns: CISA SBOM-a-Rama 2024In this episode, Dr. Allan Friedman from CISA returns to discuss the upcoming SBOM-a-Rama, a pivotal event in supply chain cybersecurity. He shares insights on the evolution of SBOMs, the significance of community collaboration, and what to expect from this year's hybrid event, including a showcase of innovative SBOM solutions.
2024-08-0722 min
Automating QualityEpisode 58: Discovering AIBOM and the Future of SBOM with Joseph SilviaWelcome to Automating Quality, the life sciences-centric show that bridges the gap between automation and quality management systems. This episode is the second in a two-part series discussing the Software Bill of Materials (SBOM) with guest Joseph Silvia. In this episode, we discuss the definition of AIBOM, how it differs from SBOM, and take an educated guess at their future. Joseph is the CEO of MedWareCyber, a consulting firm specializing in FDA readiness, cybersecurity, and software readiness for the medical devices industry. He is extremely knowledgeable about the regulatory landscape, and we frequently refer to him for...
2024-08-0615 min
Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awarenessEp. 163 Beyond the SBOM for Secure Software Development Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Everyone likes to hit the "Easy" button, especially software developers. Rather than laboriously generate code line-by-line, today's software professionals may just grab code from a repository and re-purpose it. Why reinvent the wheel? Malicious actors have noticed this process and have inserted code into many libraries, acting like a like Trojan Horse. As a result, so...
2024-07-1134 min
Secure LiaisonSBOMについてワイワイ話す会(収録日: 2024/06/06)
# 感想はSNSでハッシュタグ「#secure旅団 #secureLiaison」やGoogle Formにいただけると嬉しいです。
# 内容
@EurekaBerryさん登場
ひとくちPKI
2020年近くのSBOMの概要 - 国家安全保障
サプライチェーンとは何を指すのか
2010年近くのSBOMの概要 - Component管理、透明性管理
本邦におけるSBOMは?
各機関におけるSBOM
Metiの「ソフトウェア管理に向けたSBOMの導入に関する手引」
厚生労働省
(米)FDA
attestation可能な方法での配布パイプライン
2020年におけるニーズの高まりからよりその課題は高まった
SLSA, CICD
OSSとSBOM
PowershellのSBOM
まとめ
# 参照
https://whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
https://csrc.nist.gov/glossary/term/sbom
https://www.meti.go.jp/press/2024/04/20240426001/20240426001.html
EU’s Cyber Resilience Act
#積ん読
なし
# 参加者: @EurekaBerry、@Wireworkes、@ken5scal
2024-06-211h 05
Relating to DevSecOpsEpisode: #070: Putting da BOM in SBOM and SCASend us a textKen and Mike discuss supply chain security, including software composition analysis (SCA) and software bill of materials (SBOM). They highlight the importance of understanding the components that make up your software and the risks associated with using third-party libraries. They also discuss recent supply chain failures, such as the XZ library hack and the SolarWinds attack. The hosts emphasize the need for organizations to stay up to date with software patches and to consider the security of commercial off-the-shelf software. They caution against placing too much focus on any one security tool or...
2024-05-0839 min
Faith TapesDan Garland - Revitalizing the Church with the Contagiousness of the GospelDan Garland, at the 2015 State Evangelism Conference, uses Acts 3 to deliver a message on what the church really needs. Be encouraged and equipped by his message that what your church and local context needs is for Jesus to be contagious in your life. Faith Tapes is a product of the Alabama Baptist State Board of Missions. Subscribe to hear messages delivered by pastors at our events held throughout the year or raw interviews. This ministry is made possible by your gifts through the Cooperative Program.
2024-01-0435 min
One Mission PodcastCraig Carlisle - One MissionCraig Carlisle, Director of Missions at the Etowah Baptist Association, joins Dr. Lance for this episode to discuss his newly elected role of president of the Alabama Baptist State Convention. You'll get to know him more as he shares about his background and family, but also you'll learn his dream for what being the president will look like. As the historically first elected Director of Missions as president he is excited about leaning into that experience to inform his tenure as president. In the episode you'll hear about one of the newest resources available to Alabama Baptists...
2024-01-0427 minOne Mission PodcastScotty Goldman and Drew Moss - One MissionIn the December spirit of Lottie Moon, Dr. Lance is joined by Scotty Goldman, director of Global Missions, and one of our Alabama Missionaries, Drew Moss. Drew's family, journey to becoming a missionary, and current work take center stage in this episode. You'll be informed by the state of the work in England and the partnership of the State Board and encouraged by the testimony of God's movement of the Spirit in the ministry of the Moss family. a18c.orgThe Global Missions website for connecting with other missionaries and growing in your own ministries.
2023-12-1131 min
OODAcastEpisode 117: Leading Cyber Change: Allan Friedman on the Revolution of SBOM & Future Cybersecurity Initiatives Allan Friedman is a senior strategist at CISA (the Cyber Security and Infrastructure Security Agency) where he coordinates all of their cross-sector activities on the topic of SBOM: The Software Bill of Materials. Allan is widely known as a change agent in both the public and private sector. In government he led initiatives that created positive change in major community-wide initiatives around vulnerability disclosure and vulnerability management. He also championed efforts that made dramatic improvements in the ability to reduce risk due to the proliferation of Internet of Things devices including championing ways...
2023-12-0542 min
The Open Source WayThe Growing Importance of Software Bills of Materials (SBOM)In this episode, our host Karsten Hohage talks to Max Mehl and Sebastian Wolf about Software Bills of Materials or SBOMs. An SBOM is a detailed record of all components within a software application, including open-source libraries, third-party dependencies and licenses. Max and Sebastian discuss the importance of SBOMs as well as some challenges and unanswered questions of the state of the art. They also speak with Karsten about SBOMs within SAP and Deutsche Bahn and the importance of SBOMs when it comes to open source.
Guests:
Max Mehl
Max has been committed...
2023-11-2936 min
Tech TransformsUnraveling SBOM Challenges: AI, Transparency and Policy Perspectives in Software SecurityMeet the man on a mission to make software bill of materials (SBOMs) boring. In this So What? episode, Tracy Bannon and Carolyn Ford sit down with Allan Friedman the Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency (CISA). Allan tells us about how he is working to change how all software on the planet is made and sold, no big deal right? Join us as we dive into the world of SBOMs, xBoMs, and Secure by Design.Key Topics03:59 Track open source licenses, establish shared vision.08:47 Discussing US government requirements, diversity in...
2023-11-1546 min
Tech TransformsUnraveling SBOM Challenges: AI, Transparency and Policy Perspectives in Software SecurityMeet the man on a mission to make software bill of materials (SBOMs) boring. In this So What? episode, Tracy Bannon and Carolyn Ford sit down with Allan Friedman the Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency (CISA). Allan tells us about how he is working to change how all software on the planet is made and sold, no big deal right? Join us as we dive into the world of SBOMs, xBoMs, and Secure by Design.Key Topics03:59 Track open source licenses, establish shared vision.08:47 Discussing US government requirements, diversity in...
2023-11-1446 min
The Security TableAn SBOM LifecycleAditi Sharma joins Matt, Izar, and Chris around the Security Table to discuss Software Bill of Materials (SBOMs). The team discusses potential advantages as well as challenges of SBOMs in different contexts such as SaaS solutions, physical products, and internal procedures. The episode also explores the importance of knowing what software components a company is consuming and the significance of SBOM for vulnerability management and risk posture. The team concludes by stressing that while SBOM has great potential value, the value realization is still a work in progress.Links:Chris' LinkedIn post about the...
2023-11-1445 minOne Mission PodcastHarrison Smith - One MissionHarrison Smith of Alliance Defending Freedom, joins Dr. Lance for a discussion on current political and legal issues confronting the church in America. Harrison provides 3 current topics that are here and coming soon that the American church is having to deal with. You might be surprised at some incoming challenges and it will help you to be informed as you prepare for possible challenges in your ministry. Harrison also shares personally and Dr. Lance provides his perspective on our current culture.----The Alabama Baptist State Board of Missions has teamed up with ADF Church Alliance s...
2023-11-0930 minThe Security TableAn SBOM FableJoin Chris, Matt, and Izar for a lively conversation about an article that offers 20 points of "essential details" to look for in a Software Bill of Materials (SBOM). They dissect and debate various points raised in the article, including generating SBOMs, the necessary components, and how to gauge the quality of this digital inventory. Their critique is both insightful and humorously candid, and they will offer you a tour through the often complex world of software documentation.Hear about topics ranging from open source dependency tree, the necessity – or not – of manual SBOM generation, and the importance of a...
2023-11-0837 minOne Mission PodcastLonette Berg - One MissionIn this episode, Dr. Lance visits with Lonette Berg, Executive Director of the Alabama Baptist Historical Commission. He takes this opportunity to discuss with her, her personal background, the work of the historical commission, some funny stories from their time sharing with churches, reflections on retirement and the upcoming bicentennial celebration at the 2023 Alabama Baptist State Convention.You'll be encouraged by the reflections Rick and Lonette share on retirement, their time shared together in front of many church and historic celebrations, and what it means to celebrate history. Lonette is such a well-loved figure in Alabama Baptist...
2023-10-2626 min
The Application Security PodcastHasan Yasar -- Actionable SBOM via DevSecOpsHasan Yasar believes that everyone shares the responsibility of creating a secure environment, and this can only be achieved by working collaboratively. He underscores the idea that security is not an isolated endeavor but a collective effort, urging everyone to come together and build a world where safety and security are paramount.Yasar also shares his thoughts about education and security. He highlights the need for integrating security concepts right from the foundational levels of teaching programming languages. By introducing concepts like input validation and sanitization early on, students can be better equipped to handle security challenges...
2023-10-1648 min
Business of Tech: Daily 10-Minute IT Services InsightsGartner Predicts 14.3% Boost in Security Spending by 2024, Updates in Email, MFA, and SBOM, Investors Continue to Pour Money into SecurityIn this episode of the Business of Tech, we delve into the world of cybersecurity. Firstly, we discuss Gartner's prediction of a 14.3% boost in security spending by 2024, driven by factors such as the adoption of cloud, hybrid workforce, generative AI, and evolving regulatory environment. We then explore the cautionary message from the FBI on evolving ransomware tactics, including dual attacks within 48 hours. Next, we touch on Patching Metrics 101, which offers new ways to measure cybersecurity health. Lastly, we examine how tech giants and startups are tackling security, with updates on email, MFA, and SBOM. Additionally, we discuss the decrease...
2023-10-0411 min
Web security news (ベライゾン)ソフトウェアの部品表“SBOM”とは?最近注目を集めている「SBOM(Software Bill Of Materials)」。OSSの利用が当たり前になってきている現代だからこそ「SBOM」の標準化が求められます。アメリカでの動きから見る、今後の日本企業の対応やその活用のメリット・デメリットとは?
2023-10-0216 min
Business Innovators RadioInterview with Justin Leger, Chief Operating Officer with Cybeats Discussing SBOM StudioJustin, with a blend of military and corporate leadership, catalyzed the expansion of Cybeats as Chief Operating Officer and brings nearly 20 years of strategic and operational expertise, underscored by decorated service as a senior officer in Special Operations Forces.Learn more:https://www.cybeats.com/Influential Entrepreneurs with Mike Saundershttps://businessinnovatorsradio.com/influential-entrepreneurs-with-mike-saunders/Source: https://businessinnovatorsradio.com/interview-with-justin-leger-chief-operating-officer-with-cybeats-discussing-sbom-studio
2023-09-2118 minOne Mission PodcastPatty Burns and Belinda Stroud - One MissionThe State Missionaries over children and preschool ministries join Dr. Lance for a time of reflection on the impact of ministry to preschool and children. Belinda Stroud, Children's Specialist and Bible Drill Coordinator, shares some insight into her ministries and some stories that will move you with how God is using her efforts. Patty Burns, Preschool Ministry Specialist and VBS promoter, shares about her work with preschool ministries and some VBS numbers that demonstrate the power of the ministry in 2023. This includes Dr. Lance's own reflection on the power of VBS in helping him come to know the Lord...
2023-09-0720 minOne Mission PodcastGreg Davis - One MissionGreg Davis, President & Chief Executive Officer of Alabama Citizens Action Program (ALCAP), joins Rick Lance for a discussion about Greg's background and current work. You'll learn a little about Greg and what motivates him to the work, but this episode is also a great inside look about what is being done on behalf of Alabama Baptists with the Alabama legislature. Greg shares some current concerns and some future concerns Alabama Baptists might face. The conversation will also reflect on the leaders previous to Greg and the future of the ministry. You may find yourself motivated by this e...
2023-08-3126 min
The PrOTect OT Cybersecurity PodcastDaniel Bardenstein: Transparency and Trust With SBOMAbout Daniel Bardenstein: Daniel Bardenstein is the driving force behind Manifest, a pioneering software supply chain company revolutionizing how organizations manage SBOM lifecycles. As CTO and co-founder, he empowers enterprises to automate and streamline their processes. Daniel's remarkable journey includes pivotal roles such as Chief of Tech Strategy at CISA, where he orchestrated technology modernization and shaped critical cyber strategies. Notably, he spearheaded cybersecurity initiatives across the Department of Defense, safeguarding vital assets including COVID-19 vaccines. His expertise extends beyond tech, as he co-presides over Foresight Partners, providing essential cybersecurity aid to political campaigns. I...
2023-08-1051 min
The PrOTect OT Cybersecurity PodcastDaniel Bardenstein: Transparency and Trust With SBOMAbout Daniel Bardenstein: Daniel Bardenstein is the driving force behind Manifest, a pioneering software supply chain company revolutionizing how organizations manage SBOM lifecycles. As CTO and co-founder, he empowers enterprises to automate and streamline their processes. Daniel's remarkable journey includes pivotal roles such as Chief of Tech Strategy at CISA, where he orchestrated technology modernization and shaped critical cyber strategies. Notably, he spearheaded cybersecurity initiatives across the Department of Defense, safeguarding vital assets including COVID-19 vaccines. His expertise extends beyond tech, as he co-presides over Foresight Partners, providing essential cybersecurity aid to political campaigns. In this episode, Aaron and D...
2023-08-1051 min
(CS)²AI Podcast Show: Control System Cyber Security90: SBOM: The Future of Cybersecurity with Daniel BardensteinPrepare yourself for another captivating episode of the CS2AI Podcast! Today, we feature an exclusive interview with Daniel Bardenstein, a former USG official turned entrepreneur. Having recently launched a groundbreaking start-up centered on the critical concept of SBOM, Daniel brings a wealth of insider knowledge and experience to the table! Daniel is the Co-founder and Chief Technology Officer of Manifest, a pioneering company specializing in comprehensive SBOM management. Their core mission is to facilitate organizations in embracing this innovative and relatively new concept with utmost simplicity and automation. Through their state-of-the-art solutions, Manifest empowers bu...
2023-07-2534 minOne Mission PodcastBart Barber - One MissionDr. Bart Barber, pastor of First Baptist Church Farmersville and current President of the Southern Baptist Convention, joins Dr. Lance for a conversation reflecting on some elements of the most recent convention meeting of 2023 in New Orleans. They discuss his reflection on being the president of the Southern Baptist Convention, the Law Amendment, the task force being assembled on cooperation, the impact of the Cooperative Program and its focus of advancing the Gospel around the world. Praying for Bart, his family and church family:First Baptist Farmersville, being able to effectively continue in ministry while their p...
2023-07-2129 min
Future of Application SecurityEP 40 — Steve Springett on Solving Software Supply Chain Security and SBOM ChallengesIn this episode of the Future of Application Security, Harshil speaks with Steve Springett. They discuss the broad definition of what software supply chain security is, the implementation of SBOMs after the White House's Executive Order, and how organizations can effectively adopt, operationalize, and use SBOMs. They also discuss the biggest drivers for better software supply chain security, why you need to manage more than just vulnerabilities, and how organizations can start chipping away at their software security chain problems.
Topics discussed:
Steve's broadly encompassing definition of software supply chain security.
How organizations scrambled to adopt a...
2023-07-1933 min
The New Stack PodcastA Good SBOM is Hard to FindThe concept of a software bill of materials (SBOM) aims to provide consumers with information about the components inside a software, enabling better assessment of potential security issues. Justin Hutchings, Senior Director of Product Management at GitHub, emphasizes the importance of SBOMs and their potential to facilitate patching without relying solely on the vendor. He spoke with Alex Williams in this episode of The New Stack Makers.Creating a comprehensive SBOM poses challenges. Each software package is unique, such as an Android application that combines the developer's code with numerous open-source dependencies obtained through Maven packages. The...
2023-06-2325 min
daBOMBrian Reed on Reverse Engineering Software with SBOMI remember being pushed back into my seat with a force I had never felt before. It was the first time I had ever been in an electric car, and Brian Reed was at the steering wheel with this big smile on his face as we went from 0 to 60 in about 3 seconds. It was just one of the many memorable experiences that I've had while spending time with Brian over the years.It feels like every time I see him, he introduces me to something new, and the discussions we have - they're extremely illuminating. ...
2023-06-2021 minOne Mission PodcastBen Hayes - One MissionDr. Ben Hayes pastor of First Baptist Church Dadeville joins Dr. Lance for a reflection on the recent tragedy in Dadeville, AL. You'll hear Dr. Hayes' testimony and journey with the community and church. The Lord used both of these to prepare him for the community's "9/11 moment." You'll be encouraged in this story by the Lord's providence in the faithfulness of His people, and how it can help prepare you for tragedies in your life or community, which we pray will never come. You'll also hear a model for leadership in crisis through details Ben shares as he handled...
2023-06-0824 min
The PrOTect OT Cybersecurity PodcastMatt Wyckhouse: Behind the Cyber Shield: OT Security and the Importance of SBOMAbout Matt Wyckhouse: Matt Wyckhouse is a renowned cybersecurity expert with over 15 years of experience in offensive and defensive cyber operations. He is the co-founder and CEO of Finite State, a cybersecurity startup that focuses on illuminating the vulnerabilities and threats within complex software supply chains to protect the devices that power our modern lives. Prior to founding Finite State, Matt spent most of his career at Battelle, where he was the technical founder and CTO of their Cyber Security Division. Matt oversaw dozens of intelligence and security programs supporting strategic global missions, many of which were focused on...
2023-05-1850 min
The PrOTect OT Cybersecurity PodcastMatt Wyckhouse: Behind the Cyber Shield: OT Security and the Importance of SBOMAbout Matt Wyckhouse: Matt Wyckhouse is a renowned cybersecurity expert with over 15 years of experience in offensive and defensive cyber operations. He is the co-founder and CEO of Finite State, a cybersecurity startup that focuses on illuminating the vulnerabilities and threats within complex software supply chains to protect the devices that power our modern lives. Prior to founding Finite State, Matt spent most of his career at Battelle, where he was the technical founder and CTO of their Cyber Security Division. Matt oversaw dozens of intelligence and security programs supporting strategic global missions, many of which were focused on discovering...
2023-05-1850 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #143 - Secure WhatsApp Chat, SBOM Bombshell, AI ThreatHey, it's 5:05 on Wednesday. May 17th, 2023. From the Sourced Podcast Network in New York city, this is your host, Pokie Huang. Stories in today's episode come from Edwin Kwan in Sydney, Australia, Olimpiu Pop in Transylvania, Romania, Katy Craig in San Diego, California, Marcel Brown in St. Louis, Missouri. Let's get to it. Secure WhatsApp Chat Using Password or Biometrics🇦🇺 Edwin Kwan, Sydney, Australia ↗WhatsApp now lets you lock chats with a password or fingerprintSBOM bombshell - three key take aways you need to take from your SBOMs🇷🇴 O...
2023-05-1708 minThe Application Security PodcastTony Turner -- Threat Modeling and SBOMHave you ever considered using an SBOM to inform your threat modeling? Tony Turner has. Tony joins us to discuss SBOMs, threat modeling, and the importance of Cyber Informed Engineering. Tony delves into the SBOM (Software Bill of Materials) concept, highlighting their value proposition in identifying vulnerabilities, demonstrating compliance with software licenses, and informing M&A activities and incident response indicators related to cyberattacks. We also explore the integration of SBOMs into the system engineering process and security engineering.Tony further introduces the concept of Consequence-Driven Cyber Informed Engineering, which emphasizes understanding the potential consequences o...
2023-05-0344 minOne Mission PodcastJamie Dew - One MissionDr. Jamie Dew, President and Professor of Christian Philosophy at New Orleans Baptist Theological Seminary, joins Dr. Lance for a time of personal sharing and life and leadership lessons that will surely encourage and inform. Jamie shares his testimony, how he balances life and ministry, and his lessons learned as he transitioned into his role as president. Jamie transparently discusses his life and ministry:Jamie's testimony of transformation from one being far from God to excited to participate in His mission.The balance of ministry with his family - Dr. Tara and their two sets of t...
2023-04-2729 min
The Virtual CISO PodcastEp 116: What is an SBOM & Why Are My Customers Suddenly Asking for One?With the release of President Biden’s Executive Order 14028 on “Improving the Nation’s Cybersecurity” from May 2021 the US public and private sectors have been alerted to the significant cybersecurity risks within our software supply chain. As of the March 2023 release of the National Cybersecurity Strategy, which will shift liability for software products and services to promote secure development practices, it’s evident that software security needs to be elevated across all organizations. In this episode, your host John Verry, Pivot Point Security CISO and Managing Partner, sits down with Tim Mackey, Head of Software Supply Chain Risk Strategy a...
2023-04-2536 min
The CloudcastSBOM and Software Supply ChainRob Szumski (@robszumski, Founder/CEO @Edgebitio) talks about the evolution of software supply chains, SBOMs, and managing software dependencies in the age of cloud-native apps.SHOW: 710CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Datadog Security Solution: Modern Monitoring and SecurityStart investigating security threats before it affects your customers with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt...
2023-04-1228 minOne Mission PodcastAssociational Missionary Neal Hughes - One MissionMeet one of the most genuine and friendly people to know, Dr. Neal Hughes. Some of the roles Neal has and is serving are as former pastor, Associational Missionary for Montgomery, Alabama and member of the Southern Baptist Convention (SBC) Executive Committee. You'll hear his testimony, call to missions, early ministry, what it means to be a part of the Executive Committee, the path forward for Southern and Alabama Baptists, and a recap of a very powerful event in Serve Tour Montgomery that impacted Montgomery and the surrounding River Region Associations.Prayer:Neal's request was to...
2023-04-0625 minFaith TapesBefore We Can Use a Strategic Plan - Chuck Kelley - MessagesDr. Chuck Kelley. President Emeritus and Distinguished Research Professor of Evangelism at New Orleans Baptist Theological Seminary delivers a message to the 2017 Alabama State Evangelism Conference. His message is an exhortation on what it takes to actually make an impact on the world for Christ. Notes:The message concerns the essential needs that must be addressed before a church or organization can create a successful evangelistic strategy. The most significant need is the Christ-Likeness of Church Members. 5 evidences of someone becoming Christ-Like:1 Will - Surrendering to what God would have us d...
2023-04-0436 mindaBOMThe CycloneDx SBOM Format - Guest: Steve SpringettI'm DJ Schleen and welcome to daBOM. I'm on a journey to demystify Software Bill of Materials and on this podcast I'll be investigating technical, regulatory, and practitioner stories in and around the SBOM and -BOM movement. Along the way you'll meet the people and teams responsible for creating and maintaining the various Software Bill of Materials formats, and we'll also dig deep into all types of Bill of Materials including SBOMs, SaSSBoms, IBOMs and any other type of -BOM that you may have heard about. If you're interested in software security, the sof...
2023-04-0430 min
Unsolicited ResponseThe OT SBOM MarketDale Peterson talks with Matt Wyckhouse, Founder and CEO, of Finite State about where the SBOM products and market is today and where it will go in the future. This discussion was informed by the SBOM Challenge at S4x23. Who is the primary buyer of SBOM products and services today? (Hint: Matt thinks that 80% of the code in a product is third party) How accurate are the products, and the Finite State product in particular, in creating a SBOM? How much is the value of a SBOM degraded if it is not perfect? If it is missing...
2023-03-2950 minOne Mission PodcastState Missionary Rick Barnhart - One MissionDr. Rick Lance, Lead State Missionary, visits with another one of your State Missionaries Rick Barnhart, Office Director in the Office of Associational Missions and Church Planting. Rick shares his personal testimony, discusses the Associational structures and responsibilities of Associational Missionaries, explains the process of the church planter pipeline, and shares some reflections on Send Relief's Serve Tour around the River Region and Montgomery. This episode of One Mission will give you a personal look into both lives and allow you to get to know one of your State Missionaries and their work on a deeper level. L...
2023-03-2324 min
IoT: The Internet of ThreatsThe SBOM Challenge: Wait ... there was a contest? Who won?? with Matt Wyckhouse, Founder & CEO of Finite StateOn this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald interviews Matt Wyckhouse, Founder and CEO of Finite State. Throughout his career, Matt has spearheaded complex national security programs ranging from detection of malicious integrated circuits in the supply chain to next-generation intrusion detection systems for automotive systems. Matt directed numerous intelligence programs related to the security of embedded and IoT devices and has been a speaker on the subject at security events. Together, Eric and Matt revisit February's S4x23 event and its SBOM Challenge. They examine its takeaways and c...
2023-03-0727 min
Buongiorno da EdoSBOM e la strategia USA per la sicurezza informaticaStrategia USA per la sicurezza informatica: l’onere della resilienza va alle aziende tecnologiche - https://www.redhotcyber.com/post/strategia-usa-per-la-sicurezza-informatica-lonere-della-resilienza-va-alle-aziende-tecnologiche/
SBOMs should be a security staple in the software supply chain - https://www.theregister.com/2023/03/05/sboms_supply_chain_security/
#sbom #security #cybersecurity #sicurezza #informatica #statiuniti #joebiden
=== Podcast
Anchor - https://anchor.fm/edodusi
Spotify - https://open.spotify.com/show/4B2I1RTHTS5YkbCYfLCveU
Apple Podcasts - https://podcasts.apple.com/us/podcast/buongiorno-da-edo/id1641061765
Google Podcasts - https://podcasts.go...
2023-03-0605 minFaith TapesSafe and Secure in Christ - Bob WhiteBob White, former executive director, Georgia Baptist Convention delivers his message to the Senior Adult Evangelism Conference of 2016 on being secure in your salvation from Christ.How can I know that once I am saved I am saved forever?Perseverance of the Spirit of God - Philippians 1:6Present Tense of Salvation – John 5:24Predestination of the Saints – Romans 8:28Prayers of the Savior – John 17:9Perfection of the Sacrifice – Hebrews 10:10Power of our Salvation – 1 PeterSalvation Confirmation Number: John 10:27-30Faith Tapes is a product of the Alabama Baptist State Board of Missions. Subscribe to hear me...
2023-03-0238 minOne Mission PodcastBuddy Champion - One MissionDr. Lance is joined by Buddy Champion, pastor of First Baptist Church Trussville, for a conversation about his role as president of the Alabama Baptist Convention but also to discuss lessons learned as pastors and reflect on some opportunities they’ve been given by God throughout their ministry. Listen as Buddy shares a different perspective on the work of the State Board of Missions, shares lessons learned throughout his time in ministry, shares best practices from his ministry at First Baptist Trussville and shares personal struggles and perspectives on his own walk with God. If you are a c...
2023-03-0224 min
Down the Security Rabbithole Podcast (DtSR)DtSR Episode 539 - SBOM Paving the Road of Good IntentTL;DR It's been said that the road to hell is paved with good intentions. I feel like this applies to SBOM so much it's scary. All the good intentions in the world seemed to have led us to a place where we have tools that produce inconsistent results, tool sets that aren't necessarily integrated or mission-focused to deliver results, and a lot of confusion. Varun joins us with a boatload of entrepreneurial expertise and an eye for problem-solving so it's an interesting conversation. Join Rafal & James in a conversation that you'll want to listen...
2023-02-2147 minFaith TapesFaithfulness - Dr. Albert MohlerDr. Albert Mohler, President of The Southern Baptist Theological Seminary spoke to the 2018 Alabama Baptist Convention and shared his appreciation of the faithfulness of Alabama Baptists. He also shares personal reflections on impactful events throughout his life including landmarks of faithful Baptist influence, and a challenge of faithfulness from Acts 20 in our walk with Christ.Theological FaithfulnessMoral FaithfulnessEvangelistic FaithfulnessCongregational FaithfulnessFaith Tapes is a product of the Alabama Baptist State Board of Missions. Subscribe to hear messages delivered by pastors at our events held throughout the year or raw interviews. This ministry is made possible by your...
2023-02-1650 minOne Mission PodcastPaul Chitwood - One MissionDr. Rick Lance discusses life, calling, IMB, and more with Dr. Paul Chitwood, president of the International Mission Board (IMB).Hear from Dr. Chitwood in a way you might not have before as he discusses his personal testimony of coming to faith in Christ, his calling to full-time ministry, and the background that uniquely gifts him to his current role as President of the International Mission Board. His personal story is God's calling of a timid personality to serve the Lord in ever-growing responsibility culminating in a special role as IMB's president. The highlights: 18 years as pastor, p...
2023-02-0128 min
CyberTech TalksThe Rise of the SBOM with Jon Geater, Tony UV, Caleb Davis & Matthew FreilichThis episode, our experts provide insight into the SBOM (which stands for a "Software Bill of Materials"). We're joined by Jon Geater (CTO at RKVST), Tony UcedaVélez (CEO & Founder, VerSprite & Vice-Chair of CREST’s Penetration Testing Focus Group Sub-Committee), Caleb Davis (Senior Manager – Emerging Technologies at Protiviti) & Matthew Freilich (Director at Protiviti). They discuss the rise of the SBOM - sharing their experiences, lessons learned as practitioners, insight into tools and where an SBOM can help.We look forward to bringing you more episodes with cyber experts, make sure to subscribe and follow...
2023-01-2640 minFaith TapesDavid Eldridge - 2019 State Evangelism ConferenceJoin Dr. David Eldridge, Senior Pastor at Dawson Family of Faith in Birmingham, who brings a message from Luke 5 at the 2019 State Evangelism Conference. You'll be encouraged by his word on the sufficiency of faith in salvation and the resulting mission we have to share that truth with others.Faith Tapes is a product of the Alabama Baptist State Board of Missions. Subscribe to hear messages delivered by pastors at our events held throughout the year or raw interviews. This ministry is made possible by your gifts through the Cooperative Program.
2023-01-2436 min
IoT: The Internet of ThreatsSo, What the Heck Are You Supposed to Do with an SBOM? with Dr. George Shea, Chief Technologist at the Foundation for Defense of DemocraciesOn this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald interviews Dr. George Shea, the Chief Technologist of the Transformative Cyber Innovation Lab (also known as the TCIL or the Lab) of the Foundation for Defense of Democracies (FDD), a nonprofit, nonpartisan 501(c)(3) research institute that concentrates on foreign policy and national security. George is also a member of the Operational Resilience Framework (ORF) Task Force, Cybersecurity Canon, and a contributor at The CyberWire. Together, Eric and George examine the continuous visibility that SBOM brings to software supply chains, the push fo...
2023-01-0624 minFaith TapesApart From Me You Can Do Nothing - Ben StubblefieldBen Stubblefield, pastor of Spring Hill Baptist Church, Mobile, provides a great reminder that the work of God is done only with God and never apart from Him, and he addresses the challenges that those in ministry face when trying to live in light of this reality. This message was originally presented at the 2019 Alabama Baptist State Convention Annual Meeting held in Faith Tapes is a product of the Alabama Baptist State Board of Missions. Subscribe to hear messages delivered by pastors at our events held throughout the year or raw interviews. This ministry is ma...
2023-01-0530 min
One Mission PodcastConvention Series: Dr. Willie McLaurin - One MissionDuring the Alabama Baptist Convention, Dr. Lance was able to sit with Dr. Willie McLaurin to discuss current issues in SBC life for conventions nationwide and within Alabama. Dr. McLaurin also reflects on his life and some important ways to pray for him and his ministry. Ways mentioned to pray:His wife will always feel loved not lonely.His children will feel like rewards and not rentals.He would keep the main thing, the main thing. Not to take side roads but to have a non-anxious presence and wisdom to discern what is most i...
2022-12-2020 min
One Mission PodcastConvention Series: Dr. Robert Smith Jr - One MissionDuring the Alabama Baptist Convention, Dr. Rick Lance and Dr. Robert Smith Jr. were able to sit down and spend some time talking about ministry. Dr. Smith’s personal call to ministry and reflections on ministry issues of the past that impact the ministries of the present are just a few things you’ll find in this episode.Book discussed: Doctrine That Dances: Bringing Doctrinal Preaching and Teaching to LifeThe One Mission Podcast is a production of the Alabama Baptist State Board of Missions.
2022-12-2028 min
Technology LeadsSBOM (met Dennis Geurts)Vandaag hebben we Dennis Geurts voor de tweede keer te gast in onze podcast! Dennis is Principal Consultant Software Architecture bij Sogeti en vandaag hebben we het met hem over de SBOM (Software Bill Of Materials). In moderne software ontwikkeling worden vaak open-source componenten gebruikt die security risico's kunnen bevatten. Om dit te voorkomen wordt een SBOM bijgehouden. Als blijkt dat er een verhoogd risico is, kan door de SBOM makkelijker worden nagegaan of dit ook effect op jouw software heeft.
Natuurlijk hebben we ook weer onze tech updates:
Sustainability vs Green IT
https...
2022-12-1947 min
INNOQ Security PodcastTürchen #13: Die Zutatenliste für eure Software - SBOMDer Adventskalender des INNOQ Security Podcasts 2022
Unsere Folge über Supply-Chain-Security
Unsere Folge über log4shell
Die Executive Order on Improving the Nation’s Cybersecurity
Die NIST über SBOM
Das SPDX Format
Das CyclondeDX Format
Dependency-Track
Feedback
Falls ihr Fragen oder Anregungen habt, schreibt uns gerne eine E-Mail an security-podcast@innoq.com.
2022-12-1303 min
IoT: The Internet of ThreatsWhat's Going on with ICS Security, and What's SBOM Got to Do with It? with Dale Peterson, ICS Security Catalyst and Founder of S4 EventsOn this episode of the IoT: The Internet of Threats podcast, host Eric Greenwald interviews Dale Peterson, a widely recognized name in the OT cybersecurity field and, specifically, in ICS (industrial control system) security. Dale is the founder of S4, the premiere event in ICS security. Dale created the event in 2007 to showcase the best offensive and defensive work in ICS security and to build connections within the industry. He founded Digital Bond, an ICS / SCADA cybersecurity consulting company in 1998 and serves as its CEO. Together, Eric and Dale examine the origins of Dale's influential S4...
2022-12-1225 minFaith TapesDevoted - Vance PitmanVance Pitman delivers a message to the attendees of the 2020 State Evangelism Conference held at Heritage Baptist Church in Montgomery, Ala.Faith Tapes is a product of the Alabama Baptist State Board of Missions. Subscribe to hear messages delivered by pastors at our events held throughout the year or raw interviews. This ministry is made possible by your gifts through the Cooperative Program.
2022-12-0839 min
Resilient CyberS3E26: Mark Curphey - Challenges in SCA/SBOM and Modernizing OWASP- You recently wrote an article about the SBOM Frenzy being Pre-Mature. For those not familiar with SBOM's, what is an SBOM and what has led to the frenzy as you call it?- In your article you discuss challenges related to the build environments and hosts that can cause different outputs and SBOM's unless a build occurs on two identical machines. Can you explain why that is? - What role do you think emerging frameworks such as SLSA or SSDF and higher maturity requirements for things such as Reproducible Builds or Hermitic Builds play i...
2022-11-1236 min
One Mission PodcastIntroducing the One Mission Podcast - One MissionIntroducing the One Mission Podcast hosted by Dr. Rick Lance, executive director of the Alabama Baptist State Board of Missions. The One Mission Podcast is a production of the Alabama Baptist State Board of Missions.
2022-11-0102 min
60 Sec on AppSecWhat is SBOM (Software Bill Of Material) and why it is important for security teams? with Chirag Prajapati, Application Security Engineer, CopartHow does the SBOM provide the needed visibility and allow teams to gain control over their code base?
2022-10-3101 min
Let's Talk AppSecOpsThe SBOM MovementThe SBOM Movement has gained huge attention in just half a year. Whether as an external dependency of a developing product or a mission-critical tech stack component, inbound software has provenance (and often, vulnerabilities) that need to be reported for security downstream. US and foreign government support, as well as executive action, have done so much to stir awareness of these supporting docs. Many are ready to embrace it as standard—but 2/3ʳᵈˢ or more organizations still are unaware of new SBOM mandates. Luis Guzmán explains why the future for SBOMs is bright but still has ways to go before reachin...
2022-10-0704 min
Let's Talk AppSecOpsThe SBOM MovementThe SBOM Movement has gained huge attention in just half a year. Whether as an external dependency of a developing product or a mission-critical tech stack component, inbound software has provenance (and often, vulnerabilities) that need to be reported for security downstream. US and foreign government support, as well as executive action, have done so much to stir awareness of these supporting docs. Many are ready to embrace it as standard—but 2/3ʳᵈˢ or more organizations still are unaware of new SBOM mandates. Luis Guzmán explains why the future for SBOMs is bright but still has ways to go before...
2022-10-0704 min
The Untold Stories of Open SourceWaiting for the SBOM to Drop, with Allan Friedman“But we haven't made that much progress. How do we translate that into action or change the underlying economics.” That’s something Allan Friedman has been thinking about for years. He was one of the first, if not THE first person to talk with me about the need for a mandatory software bill of materials to be attached to all software back in 2017 when he was Director of Cybersecurity Initiatives for the US Department of National Telecommunications and Information Administration (NTIA).In today’s show we’ll do a deep dive with Allan, tracing his path from d...
2022-08-1833 minThe Untold Stories of Open SourceWaiting for the SBOM to Drop, with Allan FriedmanAllan Friedman was one of the first, if not THE first person to talk with me about the need for a mandatory software bill of materials to be attached to all software back in 2017 when he was Director of Cybersecurity Initiatives for the US Department of National Telecommunications and Information Administration (NTIA).In today’s show we’ll do a deep dive with Allan, tracing his path from doing economic research at Harvard in the early 2000s, to becoming the country’s most recognized advocate on SBOM legislation as the current Senior Advisor and Strategist for the Cybers...
2022-08-1833 min
Pulsión Digital: Mejora tus habilidades digitales98: SBOM: Novedades, su importancia, por qué generarlo, y másHablamos con Julian Coccia de SCANOSS y la Fundación para la Transparencia del Software sobre el SBOM: Software Bill of Materials, el desarrollo del software y sus "frankestein", la situación en Estados Unidos y Europa, ciberseguridad, licencias y más.
2022-06-2428 min
Open Source SecurityThe fake 7-Zip vulnerability and SBOMJosh and Kurt talk about a fake 7-Zip security report. It's pretty clear that everyone is running open source all the time. We end on some thoughts around what SBOM is good for, and who should be responsible for them. Show Notes Probably fake 7-Zip
2022-05-1638 min
IoT: The Internet of ThreatsThe SBOM Is Coming, with Allan FriedmanThis week's episode of the IoT: The Internet of Threats podcast features host Eric Greenwald reviewing security news with Nick and Sam, the Vidovich brothers and discussing the future of the Software Bill of Materials (SBOM) Allan Friedman, Senior Advisor and Strategist at CISA. News Roundup: This week's Weekly News Roundup covers: Lessons that IT professionals can take away from the new Windows patch The importance of boardrooms bracing for supply chain cyberattacks The importance of the SBOM in addressing cybersecurity supply chain risk Interview with...
2022-05-1037 min
Pulsión Digital: Mejora tus habilidades digitales94: Qué es el SBOM y por qué debería importarteEntrevista a Julian Coccia, CTO de SCANOSS y Head Of Project Office en la Software Transparency Foundation. Conversamos sobre el por qué de su interés en el open source, qué hace SCANOSS, qué hace la Software Transparency Foundation, qué es un SBOM (Software Bill of Materials), su importancia, y los tipos de riesgos al desarrollar software (legal, de seguridad, técnico).
También hablamos sobre por qué es importante que las PyMES tengan su propio SBOM, los riesgos de no llevar un inventario del software libre que utilizan, qué es una herramienta de análisis de composición de softwa...
2022-04-2540 min
RSACSBOM: Where We’ve Come From, and Where We’re GoingAcross the security world, there’s a growing appreciation about the need to better understand our software supply chain. Transparency won’t solve all our problems, but will lay a foundation for greater resilience and more informed decisions. This discussion will review the basics of SBOM, using the recent log4j vulnerability to understand how SBOM can help across the software ecosystem—and also understand its limits. We’ll also delve into the future of SBOM, exploring some of the gaps, where we need to focus to advance the state of the art. Our ultimate goal should be the integration of SBOM...
2022-03-2122 min
Tech Decisions PodcastMy TechDecisions Podcast Episode 155: What To Look For in an SBOMLiran Tancman, CEO of cybersecurity firm Rezilion, joins the podcast to talk about what IT and cybersecurity professionals should look for in a software bill of materials (SBOM).
2022-03-1718 min