The Application Security Podcast

Steve Springett — An insiders checklist for Software Composition Analysis

Listen Later

Steve Springett is a technologist, husband, father, entrepreneur, and tequila aficionado. He is the creator of the OWASP @DependencyTrack and @CycloneDX_Spec. In this conversation, we begin with the problem of software supply chain risk and the failures of commercial Software Composition Analysis tools. We then go through an extensive list of criteria for purchasing a software composition analysis tool. I have never seen a list like this ever shared anywhere in the industry. Steve is definitely in the know when it comes to these types of tools, and this is a detailed checklist of what he looks for in a tool.  We end with a 60-second update on Dependency Track.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

...more
View all episodesView all episodes
Download on the App Store
The Application Security PodcastBy Chris Romeo and Robert Hurlbut
  • 5
  • 5
  • 5
  • 5
  • 5

5

36 ratings

More shows like The Application Security Podcast

View all
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

626 Listeners

Smashing Security by Graham Cluley & Carole Theriault

Smashing Security

312 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,879 Listeners

The Blindboy Podcast by Blindboyboatclub

The Blindboy Podcast

1,764 Listeners

The Doctor's Kitchen Podcast by Dr Rupy Aujla

The Doctor's Kitchen Podcast

623 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners