Artwork

Content provided by Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Developing and Using a Software Bill of Materials Framework

37:37
 
Share
 

Manage episode 410676853 series 3018913
Content provided by Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

  continue reading

422 episodes

Artwork
iconShare
 
Manage episode 410676853 series 3018913
Content provided by Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Carnegie Mellon University Software Engineering Institute and Members of Technical Staff at the Software Engineering Institute or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

  continue reading

422 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide