The software bill of materials (SBOM) is a key building block in software security and software supply chain management. But just having it isn’t enough. CISA has recently set out to build a new supply chain risk management office to help agencies, industry, and other partners put software supply chain security from guidance papers into practice.
How do all these best practices, recent guidance, and policies mesh together? What other tools and practices should we start seeing to form a real web of transparency and trust in the industry?
In this webinar, Dr. Allan Friedman, a senior adviser, and strategist with CISA, who is leading their efforts to coordinate SBOM use inside and outside the US, discussed these topics.