Sign up to save your podcasts
Or
Share Tom Alrich On All Things SBOM
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Tom Alrich On All Things SBOM
Tom Alrich dives deep on the items he works and writes about. For a long time it was NERC CIP, and he recently added SBOMs to his repertoire. We go deep and I think the business model portion may be the best and most accessible part of the episode.
1:21 The 2 main SBOM formats. There differences and what will win.
12:30 VEX ... identifying what vulnerabilities in the SBOM are exploitable
24:00 What EO 14028 will require the USG to do with SBOMs in August
34:00 Who and how SBOMs will be provided and used. Business models.
Links
Tom Alrich's Blog
Tom's Who Should Be Responsible article
Subscribe to Dale's ICS Security - Friday News & Notes
View all episodes
By Dale Peterson: ICS Security Catalyst and S4 Conference Chair
4.9
1414 ratings
Tom Alrich dives deep on the items he works and writes about. For a long time it was NERC CIP, and he recently added SBOMs to his repertoire. We go deep and I think the business model portion may be the best and most accessible part of the episode.
1:21 The 2 main SBOM formats. There differences and what will win.
12:30 VEX ... identifying what vulnerabilities in the SBOM are exploitable
24:00 What EO 14028 will require the USG to do with SBOMs in August
34:00 Who and how SBOMs will be provided and used. Business models.
Links
Tom Alrich's Blog
Tom's Who Should Be Responsible article
Subscribe to Dale's ICS Security - Friday News & Notes