So, SBOMs Matter…Now What? - Sophie Wigmore & Frankie Gallina-Jones, VMware

less than 1 minute read

Abstract

Lately, the main conversation in the software bill of materials space has largely been around why you need a SBOM to solve your security concerns, and what it can add to your secure software supply chain. At this point, community buy-in is strong, but critical questions remain undecided: How is this technology best employed in a Kubernetes setting? Which of the options in this space is right for each use case? In an emerging space within the cloud native community, there is a lot to learn, and it seems as though the best practices are changing all the time. In this session, attendees will be walked through the pros/cons of different SBOM approaches by people who have spent over a year exploring this topic, defining best practices, and building open source solutions with SBOMs. Additionally, attendees will get a demonstration of how Paketo Buildpacks-generated application images already contain an embedded SBOM, by leveraging Syft.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

So, SBOMs Matter…Now What? - Sophie Wigmore & Frankie Gallina-Jones, VMware

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google