Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
内容由Reimagining Cyber提供。所有播客内容(包括剧集、图形和播客描述)均由 Reimagining Cyber 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
类似 Reimagining Cyber - real world perspectives on cybersecurity 的节目
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
Catalyst, a Launch by NTT DATA podcast, puts humans at the front and center of digital transformation. Each week, we feature thought leaders who share their insights on reinventing digital experiences, enhancing customer journeys, and driving innovation in the enterprise. From platform transformation to the latest advancements in AI, our guests delve into the challenges and triumphs of digital transformation, emphasizing the critical role of human ingenuity and leadership.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
TechStuff is getting a system update. Everything you love about Tech Stuff now twice the bandwidth with new hosts, Oz Woloshyn (Sleepwalkers) and Karah Preiss (Sleepwalkers). Oz and Karah bring humour and wit to the table as they break down what's happening in tech...and what it says about us. TechStuff is the podcast where technology meets culture. We speak to the folks building the future to understand what tomorrow will look like and how our technology is changing us: how we live, how we ...
…
continue reading
Tom Merritt and the team help you stay up to date with an independent, authoritative and trustworthy tech news briefing. Become a member at https://plus.acast.com/s/dtns. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Player FM -播客应用
使用Player FM应用程序离线!
使用Player FM应用程序离线!
))
Unpacking SBOMs: The Building Blocks of Software Security - Ep 103
Manage episode 425678018 series 3361845
内容由Reimagining Cyber提供。所有播客内容(包括剧集、图形和播客描述)均由 Reimagining Cyber 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
In this episode, Stan Wisseman and Rob Aragao welcome Justin Young to explore the transformative role of Software Bill of Materials (SBOMs) in enhancing software supply chain security. Justin shares his extensive experience and insights into how SBOMs contribute to the maturation of the software industry, drawing parallels with the auto and food industries' approaches to defect and ingredient tracking.
The discussion delves into the regulatory landscape, highlighting the FDA's SBOM requirements for medical devices, the U.S. National Cybersecurity Strategy, and various compliance mandates from CISA, DORA, PCI, and the EU CRA. Justin explains the importance of shifting liability to software vendors and away from end users and open-source developers, emphasizing the need for actively maintained and secure software components.
Listeners will gain an understanding of the different SBOM formats, Cyclone DX and SPDX, and their respective advantages. Justin also addresses the challenges organizations face in managing SBOMs, including procurement, validation, and the necessity of a dedicated SBOM program manager.
Finally, the episode explores the practicalities of SBOM implementation, from storage and cataloging to enrichment and vulnerability management, offering a comprehensive guide for organizations aiming to bolster their software security practices.
Tune in to learn how SBOMs are reshaping the software industry, driving transparency, and enhancing security across software supply chains.
Relevant Links:
Episode 88: Open-Source Software: Unlocking efficiency and innovation
Episode 41: Do a little dance, Time for some SLSA
Episode 26: Log4j Vulnerabilities: All you need to know and how to protect yourself
Episode 4: SolarWinds: Bringing down the building… Software Supply-Chain Pressure Points
Whitepaper: The need for a Software Bill of Materials
Software Supply Chain Hub page
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com
131集单集
Unpacking SBOMs: The Building Blocks of Software Security - Ep 103
Reimagining Cyber - real world perspectives on cybersecurity
分享
Manage episode 425678018 series 3361845
内容由Reimagining Cyber提供。所有播客内容(包括剧集、图形和播客描述)均由 Reimagining Cyber 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
In this episode, Stan Wisseman and Rob Aragao welcome Justin Young to explore the transformative role of Software Bill of Materials (SBOMs) in enhancing software supply chain security. Justin shares his extensive experience and insights into how SBOMs contribute to the maturation of the software industry, drawing parallels with the auto and food industries' approaches to defect and ingredient tracking.
The discussion delves into the regulatory landscape, highlighting the FDA's SBOM requirements for medical devices, the U.S. National Cybersecurity Strategy, and various compliance mandates from CISA, DORA, PCI, and the EU CRA. Justin explains the importance of shifting liability to software vendors and away from end users and open-source developers, emphasizing the need for actively maintained and secure software components.
Listeners will gain an understanding of the different SBOM formats, Cyclone DX and SPDX, and their respective advantages. Justin also addresses the challenges organizations face in managing SBOMs, including procurement, validation, and the necessity of a dedicated SBOM program manager.
Finally, the episode explores the practicalities of SBOM implementation, from storage and cataloging to enrichment and vulnerability management, offering a comprehensive guide for organizations aiming to bolster their software security practices.
Tune in to learn how SBOMs are reshaping the software industry, driving transparency, and enhancing security across software supply chains.
Relevant Links:
Episode 88: Open-Source Software: Unlocking efficiency and innovation
Episode 41: Do a little dance, Time for some SLSA
Episode 26: Log4j Vulnerabilities: All you need to know and how to protect yourself
Episode 4: SolarWinds: Bringing down the building… Software Supply-Chain Pressure Points
Whitepaper: The need for a Software Bill of Materials
Software Supply Chain Hub page
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com
131集单集
所有剧集
×
欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。
类似 Reimagining Cyber - real world perspectives on cybersecurity 的节目
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
Catalyst, a Launch by NTT DATA podcast, puts humans at the front and center of digital transformation. Each week, we feature thought leaders who share their insights on reinventing digital experiences, enhancing customer journeys, and driving innovation in the enterprise. From platform transformation to the latest advancements in AI, our guests delve into the challenges and triumphs of digital transformation, emphasizing the critical role of human ingenuity and leadership.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
TechStuff is getting a system update. Everything you love about Tech Stuff now twice the bandwidth with new hosts, Oz Woloshyn (Sleepwalkers) and Karah Preiss (Sleepwalkers). Oz and Karah bring humour and wit to the table as they break down what's happening in tech...and what it says about us. TechStuff is the podcast where technology meets culture. We speak to the folks building the future to understand what tomorrow will look like and how our technology is changing us: how we live, how we ...
…
continue reading
Tom Merritt and the team help you stay up to date with an independent, authoritative and trustworthy tech news briefing. Become a member at https://plus.acast.com/s/dtns. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Player FM -播客应用
使用Player FM应用程序离线!
使用Player FM应用程序离线!
