2023-06-15, Main stage
There is an increasing awareness that the Software Bill of Materials (SBOM) will be a key artefact in improving software security and resilience. However, an SBOM is only as good as the data contained within it. Recently there has been a lot of discussion about what makes a good SBOM. This session will attempt to define this and identify the key parts of the SBOM which the community can help curate and improve, to ensure that the benefits of providing and using SBOMs are realised. The session will include a number of practical examples to show what can be revealed when the quality of the data is improved.
An experienced solution architect and cyber security consultant from the UK delivering and securing mission critical systems.
Has been involved in promoting SBOMs for the past 2 years as a way of supporting vulnerability management. Involved in various working groups related to SBOMs including the SBOM Forum, SPDX Defects and OpenSSF SBOM Everywhere initiative.
Has been actively promoting open-source for many years and contributing to an increasing number of projects.