2023 Virtual Symposium
How to Use SBOMs to Increase Your Software Supply Chain Security
Virtual Event
Nov 2023
14
Time
10:00 AM - 12:30 PM PT
Location
Web Conference
How to Use SBOMs to Increase Your Software Supply Chain Security
High-profile software supply chain attacks and vulnerabilities like Log4j just represent the tip of the iceberg. One way the government is trying to create additional transparency around the software supply chain for federal agencies and its contractors, which will likely impact commercial entities down the road as well, is to require a software bill of materials (SBOM). In this session, explore:
- What the federal government’s SBOM requirement entails and how it will trickle down to the private sector
- Different protocols/formats of SBOMs (including those for SaaS products), what they (should) tell you, and how to use them (i.e., produce, validate, consume, update, store and transfer them)
- The potential pitfalls of open source SBOMs and how to guard against them
- The basics of VEX (Vulnerability Exploitability eXchange) and how to use SBOMs and VEX data as a part of your overall vulnerability management strategy
Audience
This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.
Venue Information:
Web Conference
Registrants will receive a logistics email with web conference meeting information one day prior to the event.
*Receive 1 CPE credit for every hour of attendance at our events.