February 09, 2022

Tom Alrich On All Things SBOM

Listen Later

56 minutes

Tom Alrich dives deep on the items he works and writes about. For a long time it was NERC CIP, and he recently added SBOMs to his repertoire. We go deep and I think the business model portion may be the best and most accessible part of the episode.

1:21 The 2 main SBOM formats. There differences and what will win.

12:30 VEX ... identifying what vulnerabilities in the SBOM are exploitable

24:00 What EO 14028 will require the USG to do with SBOMs in August

34:00 Who and how SBOMs will be provided and used. Business models.

Links

Tom Alrich's Blog

Tom's Who Should Be Responsible article

Subscribe to Dale's ICS Security - Friday News & Notes

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Unsolicited Response

By Dale Peterson: ICS Security Catalyst and S4 Conference Chair

4.9

1414 ratings

February 09, 2022

Tom Alrich On All Things SBOM

Listen Later

56 minutes

Tom Alrich dives deep on the items he works and writes about. For a long time it was NERC CIP, and he recently added SBOMs to his repertoire. We go deep and I think the business model portion may be the best and most accessible part of the episode.

1:21 The 2 main SBOM formats. There differences and what will win.

12:30 VEX ... identifying what vulnerabilities in the SBOM are exploitable

24:00 What EO 14028 will require the USG to do with SBOMs in August

34:00 Who and how SBOMs will be provided and used. Business models.

Links

Tom Alrich's Blog

Tom's Who Should Be Responsible article

Subscribe to Dale's ICS Security - Friday News & Notes

...more

More shows like Unsolicited Response

Security Now (Audio) by TWiT

Security Now (Audio)

1,967 Listeners

Risky Business by Patrick Gray

Risky Business

361 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

627 Listeners

Hacked by Hacked

Hacked

181 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,011 Listeners

Click Here by Recorded Future News

Click Here

396 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,861 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

168 Listeners

The Industrial Security Podcast by PI Media

The Industrial Security Podcast

20 Listeners

@BEERISAC: OT/ICS Security Podcast Playlist by Anton Shipulin / Listen Notes

@BEERISAC: OT/ICS Security Podcast Playlist

7 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

117 Listeners

(CS)²AI Podcast Show: Control System Cyber Security by Derek Harp

(CS)²AI Podcast Show: Control System Cyber Security

2 Listeners

Ukraine: The Latest by The Telegraph

Ukraine: The Latest

1,757 Listeners

Det Store Bildet by Brandpeople og Bauer Media

Det Store Bildet

10 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners