In today’s rapidly changing digital landscape, the need for strengthening cybersecurity defenses has never been more critical. The recent years have seen major supply chain attacks such as Log4j and Solarwinds which have urged governments and industries to rethink their defenses and incorporate strong security measures. One key strategy which has gained significant attention is SBOM - “Software Bill of Materials”. The Cybersecurity & Infrastructure Security Agency (CISA) defines SBOMs as a “nested inventory, a list of ingredients that make up software components” and further calls it “a key building block in software security and software supply chain risk management”. An SBOM lists all of components and software dependencies used right from developing an application to its delivery. It serves as a record to keep track of third-party component usage in an organization. Some may recognise this as similar to a traditional bill of materials (BOM) used in the supply chain and manufacturing industry. This presentation will cover:
-the growing relevance of SBOMs in the cybersecurity industry
-how SBOMs empower an organization to measure their cybersecurity risk
-using SBOMs to identify and remediate vulnerabilities in the organization’s applications
-guidance for organizations to use SBOMs and uplevel their defense strategy.