CSCP S4EP03 - Steve Springett - To BOM or to SBOM this is the question
Description
Steve Springett is the Director of Product Security at ServiceNow, helping 4,000+ developers build secure and resilient software. He’s a leader of multiple OWASP projects including Dependency Track, SCVS, and Cyclone DX. In this conversation, Steve and Francesco discuss the term SBOM (software bill of materials), the importance of regulations, and the state of the industry.
The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://phoenix.security/request-a-demo/ for a free 14-day licence.
0:00 Introduction
1:35 Steve’s background
2:35 State of the industry
7:00 Breach fatigue
10:00 Shift left, shift smart
13:45 How to make asset management sexy again
17:10 Threat modeling
20:00 Regulation
26:00 Security metrics
28:15 OWASP projects—SBOM platform
34:14 Final positive message
36:09 Get connected
37:20 Outro
Steve Springett
https://www.linkedin.com/in/stevespringett/
https://infosec.exchange/@stevespringett
Twitter @stevespringett
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo
#CSCP #cybermentoringmonday cybercloudpodcast.com
Social Media Links
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
You can listen to this podcast on your favourite player:
Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463
Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ
Linkedin: https://www.linkedin.com/company/35703565/admin/
Twitter: https://twitter.com/podcast_cyber
Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/
United States
