Cyber Security Panel Session - Software Bill of Materials
This meeting was recorded. You can view the meeting at https://youtu.be/W1CEtzhTJQ4.
Did you have to deal with the Log4j or Spring4Shell vulnerability? How much time have you spent just tracking down whether your company's software was affected by these problems? Do you even know what all of the components are that are included, either directly or indirectly, in your software? How prepared are you for dealing with the next Zero Day vulnerability?
Join us for this panel session to discuss the role of a Software Bill of Materials as part of your software development process.
Panelists include:
- Allan Friedman - Leading CISA's efforts to coordinate SBOM efforts inside and outside the US Government and around the world.
- L Jean Camp, IEEE Fellow, Professor of Informatics & Computer Science. Center Director, Security & Privacy in Informatics, Computing, & Engineering at Indiana University (SPICE)
- Tom Alrich - Co-lead for the National Telecommunications and Information Administration's Energy SBOM Proof of Concept. Consultant to electric power industry clients and vendors to the power industry, focusing on supply chain cybersecurity and NERC CIP-013 compliance.
- Steve Pruskowski - Security Test & Evaluation Federal Lead, Cybersecurity and Infrastructure Security Agency.
The panel will be moderated by Johnny Johnson, Chair of the Richmond IEEE Computer Society, CISSP (Certified Information Systems Security Professional) with 24 years of experience working in various government agencies including DHS/CISA, the Department of Defense and the Department of State.
Anyone interested in joining the open, cross-sector international SBOM effort can email sbom@cisa.dhs.gov
US Government Websites
- Cybersecurity & Infrastructure Security Agency (CISA) SBOM main page – https://www.cisa.gov/sbom.
- National Telecommunications and Information Administration (NTIA) SBOM main page – https://www.ntia.doc.gov/SBOM.
SBOM Formats
- SPDX SBOM format: https://spdx.dev/
- CycloneDX SBOM and VEX formats: https://cyclonedx.org/
Linux Foundation
- The State of Software Bill of Materials (SBOM) and Cybersecurity Readiness - https://www.linuxfoundation.org/tools/the-state-of-software-bill-of-materials-sbom-and-cybersecurity-readiness/
- Free SBOM Course – https://training.linuxfoundation.org/training/generating-a-software-bill-of-materials-sbom-lfc192/.
Date and Time
- Date: 23 May 2022
- Time: 07:00 PM to 08:00 PM
- All times are (GMT-05:00) EST5EDT
Registration
- Starts 12 April 2022 02:39 PM
- Ends 23 May 2022 02:00 PM
- All times are (GMT-05:00) EST5EDT
- No Admission Charge