Trusted-SBOM - Verifying Software Bill of Materials for Security and Integrity

Explore the critical importance of verifying Software Bills of Materials (SBOMs) in this 17-minute conference talk presented by Haoxiang Zhang and Ahmed E. Hassan. Delve into the concept of Trusted-SBOM and understand why simply producing an SBOM is insufficient for ensuring software security and integrity. Learn about the necessity of verifying SBOM accuracy and comprehensiveness, with examples of incorrect SBOMs provided. Discover the speakers' efforts and toolsets for SBOM verification, and gain insights into best practices for ensuring SBOM trustworthiness and traceability. Engage in a community-wide discussion on this crucial topic and learn about current efforts to address SBOM verification challenges.

Trusted-SBOM: On the Critical Importance of Verifying SBOMs - Haoxiang Zhang & Ahmed E. Hassan