Episode: #070: Putting da BOM in SBOM and SCA

Relating to DevSecOps
08/05/2024 39 min Temporada 1 Episodio 70
Episode: #070: Putting da BOM in SBOM and SCA

Listen "Episode: #070: Putting da BOM in SBOM and SCA"

Descargar episodio

Episode Synopsis

Send us a textKen and Mike discuss supply chain security, including software composition analysis (SCA) and software bill of materials (SBOM). They highlight the importance of understanding the components that make up your software and the risks associated with using third-party libraries. They also discuss recent supply chain failures, such as the XZ library hack and the SolarWinds attack. The hosts emphasize the need for organizations to stay up to date with software patches and to consider the security of commercial off-the-shelf software. They caution against placing too much focus on any one security tool or approach, including SBOM, and instead advocate for a well-rounded approach to security.

More episodes of the podcast Relating to DevSecOps

Episode #081: Burnout by Budget Season: Surviving Q4 in Security 29/10/2025
Episode #080: Patch Me If You Can: Compliance, SLAs, and Other Fairytales 25/08/2025
Episode #079: CISOver It: When Dashboards Replace Direction 10/06/2025
Episode #078: 🔥 Burn Your 30-page Policies: Tanya’s Got Better Ideas 22/04/2025
Episode #077: Is Google Eating the Cloud? 🔥 Wiz.io Acquisition Hot Takes 24/03/2025
Episode #076: ShmooBalls & Open Source Brawls: DevSecOps, Risk, and the Final ShmooCon 04/02/2025
Episode #075: Ghosts of DevSecOps: Past, Present, and Future 24/12/2024
Episode #074: Battling Budgets in Security 09/12/2024
Episode #073: Staffing Security in DevSecOps 21/10/2024
Episode #072: Measuring the Immeasurable: The Power and Pitfalls of Metrics in DevSecOps 27/08/2024
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA