Sign up to save your podcasts
Or
Share Episode: #070: Putting da BOM in SBOM and SCA
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode: #070: Putting da BOM in SBOM and SCA
Send us a text
Ken and Mike discuss supply chain security, including software composition analysis (SCA) and software bill of materials (SBOM). They highlight the importance of understanding the components that make up your software and the risks associated with using third-party libraries. They also discuss recent supply chain failures, such as the XZ library hack and the SolarWinds attack. The hosts emphasize the need for organizations to stay up to date with software patches and to consider the security of commercial off-the-shelf software. They caution against placing too much focus on any one security tool or approach, including SBOM, and instead advocate for a well-rounded approach to security.
View all episodes
By Ken Toler and Mike McCabe
4.8
88 ratings
Send us a text
Ken and Mike discuss supply chain security, including software composition analysis (SCA) and software bill of materials (SBOM). They highlight the importance of understanding the components that make up your software and the risks associated with using third-party libraries. They also discuss recent supply chain failures, such as the XZ library hack and the SolarWinds attack. The hosts emphasize the need for organizations to stay up to date with software patches and to consider the security of commercial off-the-shelf software. They caution against placing too much focus on any one security tool or approach, including SBOM, and instead advocate for a well-rounded approach to security.
More shows like Relating to DevSecOps
View all
Darknet Diaries
7,909 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
127 Listeners