Sign up to save your podcasts
Or
Share S2E4: Dr. Allan Friedman - CISA - SBOM and the Art of Possible
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
S2E4: Dr. Allan Friedman - CISA - SBOM and the Art of Possible
For those unaware, what exactly is an SBOM, and why is it so important?
One of the presentations you gave mentioned that software supply chain attacks shouldn't be discussed as "emerging threats" - these really have been going on for years. Why do you think we still talk about it as an emerging threat or something novel?
We know you've recently talked about an effort dubbed "VEX" which seeks to add context to SBOM information. How is this valuable and how can it be used to reduce risk?
What would you say are the top 3 things that organizations could do today to be aware of in regards to software supply chain attacks?
In regards to SBOMs for complex environments such as SaaS where you have several parties involved and interdependencies, how do you see the SBOM evolving in that space?
How do you see organizations operationalizing SBOM's from a Cyber practitioner perspective? How will it fit in to a robust cybersecurity program?
View all episodes
By Chris Hughes
4.9
1616 ratings
For those unaware, what exactly is an SBOM, and why is it so important?
One of the presentations you gave mentioned that software supply chain attacks shouldn't be discussed as "emerging threats" - these really have been going on for years. Why do you think we still talk about it as an emerging threat or something novel?
We know you've recently talked about an effort dubbed "VEX" which seeks to add context to SBOM information. How is this valuable and how can it be used to reduce risk?
What would you say are the top 3 things that organizations could do today to be aware of in regards to software supply chain attacks?
In regards to SBOMs for complex environments such as SaaS where you have several parties involved and interdependencies, how do you see the SBOM evolving in that space?
How do you see organizations operationalizing SBOM's from a Cyber practitioner perspective? How will it fit in to a robust cybersecurity program?
More shows like Resilient Cyber
View all
Risky Business
373 Listeners
RunAs Radio
83 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
653 Listeners
CyberWire Daily
1,024 Listeners
Cloud Security Podcast
57 Listeners
Cyber Security Headlines
139 Listeners
Entra.Chat
4 Listeners