Steve Springett is the Director of Product Security at ServiceNow, helping 4,000+ developers build secure and resilient software. He’s a leader of multiple OWASP projects including Dependency Track, SCVS, and Cyclone DX. In this conversation, Steve and Francesco discuss the term SBOM (software bill of materials), the importance of regulations, and the state of the industry.

The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://phoenix.security/request-a-demo/ for a free 14-day licence.

0:00 Introduction

1:35 Steve’s background

2:35 State of the industry

7:00 Breach fatigue

10:00 Shift left, shift smart

13:45 How to make asset management sexy again

17:10 Threat modeling

20:00 Regulation

26:00 Security metrics

28:15 OWASP projects—SBOM platform

34:14 Final positive message

36:09 Get connected

37:20 Outro

Steve Springett

https://www.linkedin.com/in/stevespringett/

https://infosec.exchange/@stevespringett

Twitter @stevespringett

https://dependencytrack.org/

https://scvs.owasp.org/

https://cyclonedx.org/

Cyber Security and Cloud Podcast hosted by Francesco Cipollone

Twitter @FrankSEC42

Linkedin: linkedin.com/in/fracipo 

#CSCP #cybermentoringmonday cybercloudpodcast.com 

Social Media Links 

Twitter: https://twitter.com/podcast_cyber   


Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/