April 04, 2024

Developing and Using a Software Bill of Materials Framework

Listen Later

37 minutes

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Software Engineering Institute (SEI) Podcast Series

By Members of Technical Staff at the Software Engineering Institute

4.5

1818 ratings

April 04, 2024

Developing and Using a Software Bill of Materials Framework

Listen Later

37 minutes

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

...more

More shows like Software Engineering Institute (SEI) Podcast Series

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

HBR IdeaCast by Harvard Business Review

HBR IdeaCast

1,828 Listeners

Risky Business by Patrick Gray

Risky Business

360 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

627 Listeners

Make It Real by CMU Engineering

Make It Real

0 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

623 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

269 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,876 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

167 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

187 Listeners

SEI Cyber Talks by Members of Technical Staff

SEI Cyber Talks

0 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

127 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

47 Listeners

The AI Daily Brief (Formerly The AI Breakdown): Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief (Formerly The AI Breakdown): Artificial Intelligence News and Analysis

458 Listeners

HBR On Strategy by Harvard Business Review

HBR On Strategy

86 Listeners