2023 Q4 Symposium: How to Use SBOMs to Increase Your Software Supply Chain Security
2023 Virtual Symposium

Virtual Event

Nov 14, 2023

Time

10:00 AM - 12:30 PM PT

Location

Web Conference

How to Use SBOMs to Increase Your Software Supply Chain Security
High-profile software supply chain attacks and vulnerabilities like Log4j represent just the tip of the iceberg. One way the government is trying to create additional transparency around the software supply chain for federal agencies and their contractors, which will likely affect commercial entities down the road as well, is to require a software bill of materials (SBOM). In this session, explore:

  • What the federal government’s SBOM requirement entails and how it will trickle down to the private sector
  • Different protocols/formats of SBOMs (including those for SaaS products), what they (should) tell you, and how to use them (i.e., produce, validate, consume, update, store and transfer them)
  • The potential pitfalls of open source SBOMs and how to guard against them
  • The basics of VEX (Vulnerability Exploitability eXchange) and how to use SBOMs and VEX data as a part of your overall vulnerability management strategy 

Audience

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

Venue Information:

Web Conference

Registrants will receive a logistics email with web conference meeting information one day prior to the event.

*Receive 1 CPE credit for every hour of attendance at our events.