EP 40 — Steve Springett on Solving Software Supply Chain Security and SBOM Challenges
Future of Application Security19 Juli 2023

EP 40 — Steve Springett on Solving Software Supply Chain Security and SBOM Challenges

In this episode of the Future of Application Security, Harshil speaks with Steve Springett. They discuss the broad definition of what software supply chain security is, the implementation of SBOMs after the White House's Executive Order, and how organizations can effectively adopt, operationalize, and use SBOMs. They also discuss the biggest drivers for better software supply chain security, why you need to manage more than just vulnerabilities, and how organizations can start chipping away at their software security chain problems.

Topics discussed:

  • Steve's broadly encompassing definition of software supply chain security.
  • How organizations scrambled to adopt and operationalize SBOMs after the White House's Executive Order, and why Steve started SCVS (OWASP Software Component Verification Standard) as a response.
  • Why software supply chain security goes beyond just understanding and addressing your vulnerabilities, but should include knowing your inventory, and the pedigree and provenance of your assets.
  • Why SBOMs have suddenly gained in popularity, likely because of supply chain attacks and breach fatigue and the need for better solutions.
  • What to do with an SBOM: how do you share it, how can you request it at scale, how can you analyze it, and what do you do with it once you have it.
  • How to address the vulnerabilities that are listed in an SBOM that will remain unexploitable, and how to ensure the customer experience isn't negatively impacted by that list.
  • How machine learning may play a role in better understanding risk across the software supply chain.
  • Why capitalism and customer demand will be the biggest driver in pushing forward advancements in software supply chain security.

Avsnitt(60)

EP 60 - Appian’s Abdullah Munawar on Enhancing Product Security Amid Evolving Development Trends

EP 60 - Appian’s Abdullah Munawar on Enhancing Product Security Amid Evolving Development Trends

In this episode of the Future of Application Security podcast, Harshil speaks with Abdullah Munawar, Director of Product Security at Appian. Abdullah shares valuable insights into his journey from sec...

22 Maj 202421min

EP 59 - Nat Mokry on Advancing Application Security in the Gaming Industry

EP 59 - Nat Mokry on Advancing Application Security in the Gaming Industry

In our latest episode of the Future of Application Security podcast, Nat Mokry, VP of Application & Product Security at Xbox (formerly of Activision Blizzard at the time of recording), shares valuable...

24 Apr 202426min

EP 58 — Asana's Felix Matenaar on Building Resilient Security Practices for the Future

EP 58 — Asana's Felix Matenaar on Building Resilient Security Practices for the Future

In this episode of the Future of Application Security podcast, Harshil interviews Felix Matenaar, Head of Product Security at Asana. Felix shares insights into his journey from Germany to Silicon Vall...

10 Apr 202432min

EP 57 — Clari's Steve Lukose on Using SLAs as Benchmarks for Businesses

EP 57 — Clari's Steve Lukose on Using SLAs as Benchmarks for Businesses

In this episode of the Future of Application Security, Harshil speaks with Steve Lukose, Vice President of Security at Clari, about how security is becoming a business enabler rather than just an orga...

27 Mars 202427min

EP 56 — Aruneesh Salhotra on Why Security is Everyone’s Job

EP 56 — Aruneesh Salhotra on Why Security is Everyone’s Job

In this episode of the Future of Application Security, Harshil speaks with Aruneesh Salhotra, CEO and Fractional CISO, SNM Consulting Inc. They discuss the unique challenges and opportunities of appli...

28 Feb 202424min

EP 55 — BlackBerry's Christine Gadsby on What's Driving Software Supplier Transparency and Accountability

EP 55 — BlackBerry's Christine Gadsby on What's Driving Software Supplier Transparency and Accountability

In this episode of the Future of Application Security, Harshil speaks with Christine Gadsby, VP, Product Security at BlackBerry, a software company specializing in cybersecurity. They discuss the new ...

14 Feb 202426min

EP 54 — LPL Financial's Chad Girouard on Improving Application Security Through Better Tools and Relationships

EP 54 — LPL Financial's Chad Girouard on Improving Application Security Through Better Tools and Relationships

In this episode of the Future of Application Security, Harshil speaks with Chad Girouard, AVP Application Security at LPL Financial, a provider of investment and business solutions. They discuss how s...

31 Jan 202423min

EP 53 — ReversingLabs's Dave Ferguson on Securing Your Software Supply Chains

EP 53 — ReversingLabs's Dave Ferguson on Securing Your Software Supply Chains

In this episode of the Future of Application Security, Harshil speaks with Dave Ferguson, Director of Technical Product Management, Software Supply Chain Security at ReversingLabs, which offers softwa...

17 Jan 202424min

Populärt inom Business & ekonomi

framgangspodden
varvet
rss-jossan-nina
rss-svart-marknad
rss-borsens-finest
badfluence
avanzapodden
uppgang-och-fall
svd-tech-brief
bathina-en-podcast
fill-or-kill
lastbilspodden
rss-dagen-med-di
rss-kort-lang-analyspodden-fran-di
tabberaset
rss-inga-dumma-fragor-om-pengar
24fragor
kapitalet-en-podd-om-ekonomi
rikatillsammans-om-privatekonomi-rikedom-i-livet
borsmorgon