Steve Springett -- Software and System Transparency

Update: 2024-08-29

Description

Steve Springett, an expert in secure software development and a key figure in several OWASP projects is back. Steve unpacks CycloneDX and the value proposition of various BOMs. He gives us a rundown of the BOM landscape and unveils some new BOM projects that will continue to unify the security industry. Steve is a seasoned guest of the show so we learn a bit more about Steve's hobbies, providing a personal glimpse into his life outside of technology.

Links from this episode:

https://cyclonedx.org/

Previous episodes with Steve Springett:
JC Herz and Steve Springett -- SBOMs and software supply chain assurance

Steve Springett — An insiders checklist for Software Composition Analysis

Steve Springett -- Dependency Check and Dependency Track

Book:
Software Transparency: Supply Chain Security in an Era of a Software-Driven Society by Chris Hughes and Tony Turner

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Matin Mavaddat - Understanding Security as a Systemic Concern: The Role of Anti-Requirements

2024-11-1250:20

Kayra Otaner -- DevSecOps

2024-10-2932:46

François Proulx - Arbitrary Code Execution 0-day in Build Pipeline of Popular Open Source Packages

2024-10-2245:31

Steve Wilson -- The Developer's Playbook for Large Language Model Security: Building Secure AI Applications

2024-10-0136:32

Jeff Williams -- Application Detection & Response (ADR)

2024-09-2451:28

Phillip Wylie -- Pen Testing from Somebody who Knows about Pen Testing

2024-09-1752:08

Steve Springett -- Software and System Transparency

2024-08-2948:13

Irfaan Santoe -- The Power of Strategy in AppSec

2024-07-3140:14

Andrew Van Der Stock -- The New OWASP Top Ten

2024-07-2351:51

Derek Fisher -- Hiring in Cyber/AppSec

2024-07-1601:01:45

Tanya Janca -- Secure Guardrails

2024-07-0901:04:50

Jahanzeb Farooq -- Launching and executing an AppSec program

2024-07-0249:44

David Quisenberry -- Building Security, People, and Programs

2024-06-1856:54

Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People

2024-06-1146:14

James Berthoty -- Is DAST Dead? And the future of API security

2024-05-3144:56

Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding

2024-05-2142:32

Devin Rudnicki -- Expanding AppSec

2024-05-1435:57

Dustin Lehr -- Culture Change through Champions and Gamification

2024-04-1645:10

Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business

2024-04-0938:11

Mukund Sarma -- Developer Tools that Solve Security Problems

2024-04-0246:32

00:00

Steve Springett -- Software and System Transparency

Chris Romeo and Robert Hurlbut

#box-pro-ellipsis-173234681529862{-webkit-line-clamp:2;}Steve Springett -- Software and System Transparency

Steve Springett -- Software and System Transparency

Chris Romeo and Robert Hurlbut

Steve Springett -- Software and System Transparency