Software Bill of Materials (S-BoM) - Reducing Risk in Third-Party Components
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the critical importance of a Software Bill of Materials (S-BoM) in managing the risk of third-party and open source components in this 36-minute conference talk from AppSecCali 2019. Delve into best practices for systematically reducing that risk while keeping the benefits of external components. Learn how to create S-BoM documents in polyglot build environments and how to use OWASP Dependency-Track to automatically identify outdated and vulnerable components. Discover strategies for automating responses to specific security events, and gain insight into the emerging standards and government initiatives shaping the future of component risk management. Presented by Steve Springett, Senior Security Architect at ServiceNow, the talk offers practical examples and demonstrations for implementing effective risk identification and remediation with minimal effort.
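The core of the automated check the talk describes (ingest a BoM, then flag components that are outdated or have a known advisory) is small enough to sketch. The script below is an added example written for this page; it is not code from the talk, from OWASP, or from Dependency-Track. It assumes a CycloneDX-style JSON BoM with package-URL (purl) identifiers, which the page itself does not name, and the BoM, the advisory feed and the "latest release" feed are all constructed inline with hypothetical package names and advisory IDs so that it runs offline.

```python
"""Flag outdated and vulnerable components listed in a CycloneDX-style SBOM.

Added example only: a minimal stand-in for the kind of check a tool such as
OWASP Dependency-Track performs when it ingests a BoM. The BoM, the advisory
list and the latest-version feed are constructed for illustration; every
package name and advisory ID here is hypothetical.
"""
import json
from typing import Dict, List, Optional, Tuple

# Constructed BoM in the CycloneDX JSON shape (assumed format, not from the talk).
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "components": [
    {"type": "library", "name": "widget", "version": "1.2.3",
     "purl": "pkg:maven/com.example/widget@1.2.3"},
    {"type": "library", "name": "example-parser", "version": "0.9.1",
     "purl": "pkg:npm/example-parser@0.9.1"},
    {"type": "library", "name": "example-client", "version": "2.0.1",
     "purl": "pkg:pypi/example-client@2.0.1?extension=whl"},
    {"type": "application", "name": "internal-service", "version": "7"}
  ]
}
"""

# Hypothetical advisory feed keyed by version-less purl:
# each entry is (first fixed version, advisory id); versions below the fix are affected.
ADVISORIES: Dict[str, List[Tuple[str, str]]] = {
    "pkg:maven/com.example/widget": [("1.2.5", "ADV-EXAMPLE-0001")],
    "pkg:pypi/example-client": [("2.0.1", "ADV-EXAMPLE-0002")],
}

# Hypothetical "latest release" feed, keyed the same way.
LATEST: Dict[str, str] = {
    "pkg:maven/com.example/widget": "1.3.0",
    "pkg:npm/example-parser": "0.9.1",
    "pkg:pypi/example-client": "2.0.1",
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.2.5' into (1, 2, 5); a non-numeric tail such as '5-rc1' keeps only '5'."""
    parts = []
    for piece in version.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def version_lt(a: str, b: str) -> bool:
    """Numeric comparison with zero padding, so '1.2' == '1.2.0' and '1.2.3' < '1.10'."""
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    return pa + (0,) * (width - len(pa)) < pb + (0,) * (width - len(pb))


def split_purl(purl: str) -> Tuple[str, Optional[str]]:
    """Split 'pkg:type/ns/name@version?qualifiers#subpath' into (lookup key, version).

    Qualifiers and subpath are stripped so the key matches the feeds above.
    """
    base = purl.split("?", 1)[0].split("#", 1)[0]
    if "@" in base:
        key, version = base.rsplit("@", 1)
        return key, version
    return base, None


def analyze_sbom(sbom_json: str,
                 advisories: Dict[str, List[Tuple[str, str]]],
                 latest: Dict[str, str]) -> List[dict]:
    """Return one finding per (component, problem) pair found in the BoM."""
    findings: List[dict] = []
    for comp in json.loads(sbom_json).get("components", []):
        purl = comp.get("purl")
        if not purl:
            # No purl means nothing to match against a feed; a real tool should
            # still report such components so the gap in coverage is visible.
            continue
        key, version = split_purl(purl)
        version = version or comp.get("version")
        if version is None:
            continue
        for fixed, adv_id in advisories.get(key, []):
            if version_lt(version, fixed):
                findings.append({"purl": purl, "kind": "vulnerable",
                                 "advisory": adv_id, "fixed_in": fixed})
        newest = latest.get(key)
        if newest and version_lt(version, newest):
            findings.append({"purl": purl, "kind": "outdated", "latest": newest})
    return findings


if __name__ == "__main__":
    for finding in analyze_sbom(SBOM_JSON, ADVISORIES, LATEST):
        print(finding)
```

Two design points worth carrying into a real pipeline: match on the purl rather than on the bare name, since the same name exists in several ecosystems; and compare versions numerically rather than as strings, or "1.10" sorts before "1.9" and a fixed release looks affected.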
Syllabus
AppSecCali 2019 - BoMs Away - Why Everyone Should Have a BoM - Steve Springett
Taught by
OWASP Foundation
Related Courses
Inspecting Open Source Software Packages for Security and License Compliance - Pluralsight
DevSecOps Fundamentals - Cybrary
Effective Vulnerability Discovery with Machine Learning - Black Hat via YouTube
The Devils in the Dependency - Data Driven Software Composition Analysis - Black Hat via YouTube
Protect Yourself Against Supply Chain Attacks - NDC Conferences via YouTube