April 04, 2024

Developing and Using a Software Bill of Materials Framework

Listen Later

37 minutes

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Software Engineering Institute (SEI) Podcast Series

By Members of Technical Staff at the Software Engineering Institute

4.5

1818 ratings

April 04, 2024

Developing and Using a Software Bill of Materials Framework

Listen Later

37 minutes

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

...more

More shows like Software Engineering Institute (SEI) Podcast Series

Software Engineering Radio by se-radio@computer.org

Software Engineering Radio

273 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

623 Listeners

Risky Business by Patrick Gray

Risky Business

375 Listeners

HBR IdeaCast by Harvard Business Review

HBR IdeaCast

159 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

638 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

284 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,007 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

178 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Make It Real by CMU Engineering

Make It Real

0 Listeners

SEI Cyber Talks by Members of Technical Staff

SEI Cyber Talks

0 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

136 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

46 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

59 Listeners

The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief: Artificial Intelligence News and Analysis

586 Listeners

HBR On Strategy by Harvard Business Review

HBR On Strategy

76 Listeners