Over the past year, we have seen numerous failings of products caused by issues within their software supply chains. These failings have resulted in the U.S. Presidential Executive Order and subsequent Software Bill of Material (SBoM) initiatives. While SBoMs have been around for some time, not everyone uses them to prevent supply chain issues. This new SBoM initiative may help with that, as well as enable some abuses and ultimately not be the great panacea that everyone needs. This session will go over the various initiatives and current state of the SBoM. It will also demonstrate several issues and solutions that may be needed if we are to survive SBoM deployment.
Understand current state of the Software Bill of Material initiatives.
Know questions to ask when reviewing SBoMs and how you as a developer, systems manager or user can best leverage them.
Anticipate the misuses of SBoMs avoid becoming an SBoM victim.