Getting Your Software Supply Chain In Tune with SBOM Harmonization

Update: 2025-10-23

Description

Software bills of materials or SBOMs are critical to software security and supply chain risk management. Ideally, regardless of the SBOM tool, the output should be consistent for a given piece of software. But that is not always the case. The divergence of results can undermine confidence in software quality and security. In our latest podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Jessie Jamieson, a senior cyber risk engineer in the SEI's CERT Division, sits down with Matt technical director of Risk and Resilience in CERT, to talk about how to achieve more accuracy in SBOMs and present and future SEI research on this front.

Comments

In Channel

Getting Your Software Supply Chain In Tune with SBOM Harmonization

2025-10-2323:14

API Security: An Emerging Concern in Zero Trust Implementations

2025-10-0817:41

Delivering Next-Generation AI Capabilities

2025-09-2930:18

The Benefits of Rust Adoption for Mission-and-Safety-Critical Systems

2025-09-1619:38

Threat Modeling: Protecting Our Nation's Complex Software-Intensive Systems

2025-09-0535:02

Understanding Container Reproducibility Challenges: Stopping the Next Solar Winds

2025-07-3025:10

Mitigating Cyber Risk with Secure by Design

2025-07-1432:29

The Magic in the Middle: Evolving Scaled Software Solutions for National Defense

2025-06-1821:25

Making Process Respectable Again: Advancing DevSecOps in the DoD Mission Space

2025-06-0444:26

Deploying on the Edge

2025-05-2801:01:02

The Best and Brightest: 6 Years of Supporting the President's Cup Cybersecurity Competition

2025-05-1221:40

Updating Risk Assessment in the CERT Secure Coding Standard

2025-04-1735:52

Delivering Next Generation Cyber Capabilities to the DoD Warfighter

2025-04-1527:16

Getting the Most Out of Your Insider Risk Data with IIDES

2025-03-2639:14

Grace Lewis Outlines Vision for IEEE Computer Society Presidency

2025-03-1118:14

Improving Machine Learning Test and Evaluation with MLTE

2025-03-0329:06

DOD Software Modernization: SEI Impact and Innovation

2025-02-2527:12

Securing Docker Containers: Techniques, Challenges, and Tools

2024-12-1639:09

An Introduction to Software Cost Estimation

2024-12-0422:55

Cybersecurity Metrics: Protecting Data and Understanding Threats

2024-10-1127:00

00:00

Getting Your Software Supply Chain In Tune with SBOM Harmonization

Jessie Jamieson and Matthew Butkovic

#box-pro-ellipsis-176190752170272{-webkit-line-clamp:2;}Getting Your Software Supply Chain In Tune with SBOM Harmonization

Getting Your Software Supply Chain In Tune with SBOM Harmonization

Jessie Jamieson and Matthew Butkovic

Getting Your Software Supply Chain In Tune with SBOM Harmonization