Don't Let SBOMs become Yet Another Compliance Activity
• Presentation
Publisher
Software Engineering Institute
Topic or Tag
Abstract
Software Bills of Materials, or SBOMs, are a hot topic when it comes to our so-called software supply chains. The promise of SBOMs is huge: know what you're running across all of your infrastructure and assess your exposure to a vulnerability in seconds. But without careful work by the community, we risk SBOMs become just another compliance gate that gives a false sense of security without commensurate value.
Lt. Col. Camdon Cady is the Chief Technology Officer at Platform One. There, he helps lead the first enterprise DevSecOps initiative in the DoD. Through his research interests in formal languages and software analysis, he hopes to one day see the Air Force move beyond Excel as the primary database of choice.