To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Artwork

Tech Tania Ward, Izar Tarandach, Matt Coles, and Chris Romeo pChris Romeo Izar Tarandach Matt Cole
Content provided by Izar Tarandach, Matt Coles, and Chris Romeo, Izar Tarandach, Matt Coles, and Chris Romeo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Izar Tarandach, Matt Coles, and Chris Romeo, Izar Tarandach, Matt Coles, and Chris Romeo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

The Security Table « »
An SBOM Fable

37:17
 
Play
Playing
Share
 

MP3Episode home
Manage episode 382668918 series 3425254
Content provided by Izar Tarandach, Matt Coles, and Chris Romeo, Izar Tarandach, Matt Coles, and Chris Romeo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Izar Tarandach, Matt Coles, and Chris Romeo, Izar Tarandach, Matt Coles, and Chris Romeo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Join Chris, Matt, and Izar for a lively conversation about an article that offers 20 points of "essential details" to look for in a Software Bill of Materials (SBOM). They dissect and debate various points raised in the article, including generating SBOMs, the necessary components, and how to gauge the quality of this digital inventory. Their critique is both insightful and humorously candid, and they will offer you a tour through the often complex world of software documentation.
Hear about topics ranging from open source dependency tree, the necessity – or not – of manual SBOM generation, and the importance of a Vulnerability Exploitability Exchange (VEX) document alongside an SBOM. You will hear why they think an SBOM with a VEX can transform and simplify risk assessment procedures by providing clear and actionable insights for threat management.
Links:
Forbes: 20 Tech Experts Share Essential Details To Look For In An SBOM
https://www.forbes.com/sites/forbestechcouncil/2023/10/09/20-tech-experts-share-essential-details-to-look-for-in-an-sbom/

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

  continue reading

Chapters

1. An SBOM Fable (00:00:00)

2. 1. An Open-Source Dependency Tree (00:02:06)

3. 2. A Library with Version Numbers (00:04:55)

4. 3 & 4. Details on Updates and A List of Third-Party Components (00:09:50)

5. 8. Whether the SBOM is Generated Dynamically or Manually (00:13:14)

6. 9. The Encryption Protocol and Library (00:20:02)

7. 10. Data Residency (00:23:32)

8. 16. How Many and Which Functions Are Enabled (00:25:46)

9. 13. How Long It Takes To Receive the SBOM (00:27:23)

10. 18. The Delivery Address (00:30:22)

11. 20. The Final Price (00:32:37)

12. 19. A VEX Document (00:34:17)

64 episodes

#Tech #Tania Ward, Izar Tarandach, Matt Coles, and Chris Romeo #pChris Romeo #Izar Tarandach #Matt Cole
Artwork

An SBOM Fable

The Security Table

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 382668918 series 3425254
Content provided by Izar Tarandach, Matt Coles, and Chris Romeo, Izar Tarandach, Matt Coles, and Chris Romeo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Izar Tarandach, Matt Coles, and Chris Romeo, Izar Tarandach, Matt Coles, and Chris Romeo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Join Chris, Matt, and Izar for a lively conversation about an article that offers 20 points of "essential details" to look for in a Software Bill of Materials (SBOM). They dissect and debate various points raised in the article, including generating SBOMs, the necessary components, and how to gauge the quality of this digital inventory. Their critique is both insightful and humorously candid, and they will offer you a tour through the often complex world of software documentation.
Hear about topics ranging from open source dependency tree, the necessity – or not – of manual SBOM generation, and the importance of a Vulnerability Exploitability Exchange (VEX) document alongside an SBOM. You will hear why they think an SBOM with a VEX can transform and simplify risk assessment procedures by providing clear and actionable insights for threat management.
Links:
Forbes: 20 Tech Experts Share Essential Details To Look For In An SBOM
https://www.forbes.com/sites/forbestechcouncil/2023/10/09/20-tech-experts-share-essential-details-to-look-for-in-an-sbom/

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

  continue reading

Chapters

1. An SBOM Fable (00:00:00)

2. 1. An Open-Source Dependency Tree (00:02:06)

3. 2. A Library with Version Numbers (00:04:55)

4. 3 & 4. Details on Updates and A List of Third-Party Components (00:09:50)

5. 8. Whether the SBOM is Generated Dynamically or Manually (00:13:14)

6. 9. The Encryption Protocol and Library (00:20:02)

7. 10. Data Residency (00:23:32)

8. 16. How Many and Which Functions Are Enabled (00:25:46)

9. 13. How Long It Takes To Receive the SBOM (00:27:23)

10. 18. The Delivery Address (00:30:22)

11. 20. The Final Price (00:32:37)

12. 19. A VEX Document (00:34:17)

64 episodes

#Tech #Tania Ward, Izar Tarandach, Matt Coles, and Chris Romeo #pChris Romeo #Izar Tarandach #Matt Cole

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox