
How SBOMs Change Software Supply Chain Management

Presentation

This session was presented by Dr. Stephen Magill of Sonatype, Inc. at DevSecOps Days Washington D.C. 2024, held on September 18, 2024.
Publisher

Software Engineering Institute

Abstract

Sonatype's VP of Product Innovation Dr. Stephen Magill will discuss achieving regulatory compliance and security through effective SBOM (Software Bill of Materials) management. Learn which industry segments now require SBOM production and how to maintain compliance with relevant regulations. Discover best practices for retaining SBOMs throughout the software lifecycle, how to monitor them for vulnerabilities, and the importance of applying these same standards to third-party SBOMs. This talk goes beyond SBOM production to answer the critical question "I have an SBOM, now what?"

Dr. Stephen Magill was the CEO and co-founder of MuseDev and is now VP of Product Innovation at Sonatype. He has spent his career developing tools to help developers identify errors, gauge code quality, and detect security issues. Stephen has led multiple large-scale research initiatives, including DARPA projects on privacy, security, and code quality. He was also a co-author and research lead for the 2019-2023 State of the Software Supply Chain reports. Dr. Magill earned his Ph.D. in CS from Carnegie Mellon University and his BS from the University of Tulsa. He is a member of the University of Tulsa Industry Advisory Board and has served on numerous program committees and funding panels.