Live Webinar & Demo: SBOMs Made Simple with FOSSA

Recent cyberattacks and the Biden Administration's Cybersecurity Executive Order have put the spotlight on Software Bill of Materials (SBOMs). The executive order requires organizations that sell into the federal government to produce an SBOM with each product (or as part of a public website), while analysts expect a detailed and regularly updated SBOM to be a non-negotiable requirement for most enterprise software buyers by 2024. In light of the recent NTIA regulations, you won’t want to miss this informative webinar.

Join us on September 16, 2021, as FOSSA’s Director of Sales Engineering, Deepak Mehta, discusses how FOSSA enables customers to generate precise and fast SBOMs that will meet their mission-critical use cases. In addition, he will cover:
- What is an SBOM and why we need them
- Use cases of SBOMs
- Generating an SBOM
- Creating an SBOM with FOSSA (live demo)
Recorded Sep 16 2021 36 mins
Presented by
Deepak Mehta, Director of Sales Engineering, FOSSA

  • Enterprise Software Architecture and Open Source Compliance Oct 28 2021 4:00 pm UTC 34 mins
    Carlos Cheung — Head of Open Source, FOSSA
    Learn how the best software companies in the world are using Enterprise architecture to scale their Open Source usage & Open Source compliance. Join us as we discuss the importance of Open Source Management within Enterprise technology initiatives, and focus on how to best apply this management within the software development life cycle — no matter what methodologies you may be using.

    This webinar will cover:
    * Emerging trends in Open Source Usage in the Enterprise
    * Three major software architecture areas affecting compliance governance
    * Best practices for managing compliance governance in the Enterprise

    Presenter Carlos Cheung is the Head of Open Source at FOSSA, and also serves on the Business Advisory Council at Georgetown University's McDonough School of Business. He has held product management and software engineering roles at Optimizely, VoiceLabs and other San Francisco Bay Area SaaS companies.
  • Best Practice in Open Source Compliance and Security with Wipro & Moonfare Recorded: Sep 30 2021 52 mins
    Umut Koseali, Moonfare; Andrew Aitkin, Wipro; Andy Drukarev, FOSSA
    From manufacturing to financial services and everything in between, organizations across industries have embraced open source software (OSS). But as OSS has increased in popularity, so too have challenges relating to security, quality, and license compliance.

    In this panel webinar, global IT solutions provider Wipro and financial services platform Moonfare will discuss their experiences with OSS, including trends, best practices for compliance and security, and pitfalls to avoid.
  • Live Webinar & Demo: SBOMs Made Simple with FOSSA Recorded: Sep 16 2021 36 mins
    Deepak Mehta, Director of Sales Engineering, FOSSA
  • Live Panel: Simplifying OSS Compliance in the Automotive Industry Recorded: Jul 29 2021 55 mins
    Russ Eling (OSS Engineering Consultants), Brad Goldring (GTC Law Group), Carlos Cheung (FOSSA)
    The rise in autonomous and connected vehicles means our cars now contain more and more electronics and software. Increasingly, OEMs and their suppliers are turning to Open Source Software (OSS) to boost engineering velocity and drive innovation. Meanwhile, legal teams have to deal with a complex web of licenses and ensure that there are no violations of license terms or problematic usage of copyleft licenses.

    With that as a backdrop, we’ve convened a panel of industry experts to discuss today’s compliance landscape in the automotive industry. We’ll discuss:

    - Best practices in collaborating with stakeholders to assess and resolve license issues
    - Overcoming obstacles in policy creation
    - How to make the license compliance process faster and more efficient
    - Managing security vulnerabilities and regulations like the US Cybersecurity Executive Order
  • Attacking Applications via Upstream Dependency Maintainers Recorded: Jun 24 2021 34 mins
    Matt Schwartz, FOSSA Engineer
    Open source software has drastically increased code reusability and access while decreasing the cost and time to deliver reliable code. It has become so commonplace and ubiquitous that over 90% of production software is now written and maintained by external parties.

    But these benefits come with some measure of potential risk in the form of an expanded attack surface. Securing your own code and developers’ tools is no longer enough to defend against all threats. This presentation will explore how vulnerabilities are discovered and verified, and the scope of impact they could have if they were exploited by a malicious party. More importantly, we will also cover the steps that can be taken to protect projects and their use of open source software from being vulnerable to dependency confusion attacks.
  • M&A and Open Source During Uncertain Times Recorded: May 27 2021 56 mins
    Alessandra Simmons, Goodwin Law; Steven Argentieri, Goodwin Law; Brad Goldring, GTC Law; Carlos Cheung, FOSSA
    We live in unprecedented times, but many companies are using the uncertainty as an opportunity to grow by either merging or being acquired. In what was already a complex process, modifications to the M&A open source process are mandatory.

    Join our panel discussion with legal counsel and M&A experts Alessandra Simmons (Goodwin Law), Steven Argentieri (Goodwin Law), and Brad Goldring (GTC Law) as they discuss:
    - M&A due diligence: trends before and during a pandemic
    - Due diligence limitations during the pandemic
    - Risk factors in M&A due diligence
    - Differentiating between open source consumer versus contributor
    - Best practices on navigating through uncertain times
  • Automating Application Security Testing with GitHub Actions Recorded: Apr 8 2021 71 mins
    Scott Gerlach (CSO, StackHawk) and Solomon Rubin (Software Engineer, FOSSA)
    We have all heard the buzz about developer-centric application security. But implementing a modern AppSec program can be challenging.

    Join Scott Gerlach (CSO, StackHawk) and Solomon Rubin (Software Engineer, FOSSA) as they discuss how you can automate and integrate application security testing in CI/CD with GitHub Actions. Together, the two will walk through how you can test for vulnerabilities in all of your applications – including open source, proprietary code, and containers.

    By the end of the session, you will have the right tools to test for security vulnerabilities on every merge.
  • Best Practice in Open Source Compliance and Security with Wipro & Moonfare Recorded: Mar 18 2021 52 mins
    Umut Koseali, Moonfare; Andrew Aitkin, Wipro; Andy Drukarev, FOSSA
  • The Changing Role Of SCA In Your Open Source Security Strategy, Feat. Forrester Recorded: Jan 28 2021 43 mins
    Sandy Carielli, Principal Analyst at Forrester Research, Gauthami Polasani, Senior Product Marketing
    With over 90% of your code now comprised of open source components, all application security strategies must aggressively address the risk from open source vulnerabilities. Open source is a key driver of innovation, but it also greatly expands the attack surface for malicious actors.

    Modern security teams face the dual challenge of addressing risks and minimizing the burden on engineering of time-consuming processes that slow down product velocity. While software composition analysis (SCA) offers enterprises a solution to monitoring, analyzing, and mitigating risk in their open source code, there is an increasing need for more consistent policy standards and much deeper integration into existing software development workflows to improve both engineering efficiency and code quality.

    Join FOSSA and guest Forrester as we discuss:
    - The role of automation and SCA in open source security
    - Managing vulnerabilities across security and engineering
    - The evolution of SCA from scanning to policy
    - How to evaluate and choose an SCA solution
  • Maximizing the Value of Open Source Recorded: Jan 21 2021 49 mins
    Marko Bocevski, Founder of Keitaro & Ryan Sheldrake, SE at FOSSA
    Over 90% of enterprise companies have adopted open source, saving them time and money. But there’s so much more to open source. Join Keitaro founder Marko Bocevski and FOSSA open source expert, Ryan Sheldrake, as they discuss the history and future of open source and how to maximize its value. In this webinar, we will cover:
    - Why Open Source is so Challenging to Manage
    - Why synchronous compliance is important
    - How does the landscape change: new attack techniques
    - How to save money and increase accuracy when auditing free and open source

    About our speakers:
    Marko is the CTO and founder of Keitaro. Prior to Keitaro, he has held various technology and IT services leadership roles in global organizations with a strong go-to-market and customer focus. With vast experience in open-source software, cloud solutions, application lifecycle management, and service management, he has been leading Keitaro’s successful growth since the start back in 2012.


    Ryan is a technology evangelist and industry thought leader. Having worked in a multitude of roles in a career spanning 20+ years so far, from Operator to Principal Architect and across the financial, retail, and defense verticals, he brings a wealth of knowledge about IT design and delivery.

    In recent years, Ryan has specialized in Software Composition Analysis. He'll tell you he's done it longer than the name has existed, too! Still hands-on, creating prototypes and building hundreds of CI/CD pipelines per year, Ryan is a leading expert in the Open Source Management world.
  • How to Efficiently Manage OSS Security and Compliance Across Teams Recorded: Jan 14 2021 51 mins
    Valentina Ditoiu, Compliance Legal Lead, UiPath; Valentin Lupu, Sec Program Mgr, UiPath; Ryan Goldman, VP Marketing, FOSSA
    For modern product teams, trading off between productivity and efficiency is an absolute non-starter, especially when it comes to collaboration across different parts of the org. Working with open source software only complicates cross-functional workflows, since third-party code introduces so many variables and so much surface area for risk.

    In this webinar, leaders from UiPath will discuss the stream of interactions between Security, Engineering, and Legal in monitoring, investigating, and remediating open source vulnerability and license issues. We’ll cover how to promote joint SLAs and use automation tools like FOSSA, CI/CD pipelines, and tracking tools like Jira to reduce technical overhead and enable better results right in existing development processes. You’ll learn more about:
    - Why Security should build pipelines for automated code SCA scans
    - What info Legal needs to understand how OSS is used (e.g., repository structure)
    - How to convey data to Engineering to resolve compliance and security issues earlier
  • The Changing Role Of SCA In Your Open Source Security Strategy, Feat. Forrester Recorded: Dec 15 2020 44 mins
    Sandy Carielli, Principal Analyst at Forrester Research, Gauthami Polasani, Senior Product Marketing
  • How to Efficiently Manage OSS Security and Compliance Across Teams Recorded: Nov 19 2020 52 mins
    Valentina Ditoiu, Compliance Legal Lead, UiPath; Valentin Lupu, Sec Program Mgr, UiPath; Ryan Goldman, VP Marketing, FOSSA
  • Maximizing the Value of Open Source Recorded: Nov 12 2020 50 mins
    Marko Bocevski, Founder of Keitaro & Ryan Sheldrake, SE at FOSSA
  • Automating developer-centric application security in CI/CD Recorded: Nov 10 2020 67 mins
    CircleCI, FOSSA, SecretHub, StackHawk
    DevSecOps is the philosophy of developing applications and infrastructure securely from ideation to deployment. It requires consideration of security risks at all stages of the development lifecycle. Developer-centric application security tooling makes it simple to automate the process of ensuring security as applications are pushed to production.

    Join CircleCI, SecretHub, FOSSA, and StackHawk to learn how to integrate AppSec throughout your entire CI/CD pipeline. In this webinar, we will demonstrate how developers can easily take ownership of security and automate secrets management, software composition analysis (SCA), and dynamic application security testing (DAST). We will work through a CircleCI pipeline with AppSec tools built into it.
  • Heather Meeker on OSS Compliance: Demystifying License Notices with Automation Recorded: Oct 29 2020 63 mins
    Heather Meeker, Partner - O’Melveny & Myers
    In this webinar, Heather Meeker, a partner in the Silicon Valley office of O’Melveny & Myers specializing in copyright and open source, will demystify the growing questions about license notices and provide best practices for using software to improve open source software compliance. You’ll learn more about:
    - Differences between license notices and copyright notices
    - Notices in source and binary deliveries
    - Template licenses and notice duplication
    - Automation’s role in meeting notice creation challenges
    - Challenges for notice delivery in embedded software and IoT
    - SPDX standard for bill of materials deliveries

    As a bonus, all attendees will receive a copy of Heather’s most recent book, Open Source for Business: A Practical Guide to Open Source Software Licensing (Third Edition, 2020).
  • M&A and Open Source During Uncertain Times Recorded: Sep 24 2020 56 mins
    Alessandra Simmons (Goodwin Law), Steven Argentieri (Goodwin Law), Brad Goldring (GTC Law), Carlos Cheung (FOSSA)
    We live in unprecedented times, but many companies are using the uncertainty as an opportunity to grow by either merging or being acquired. In what was already a complex process, modifications to the M&A open source process are mandatory.

    Join our panel discussion with legal counsel and M&A experts Steven Argentieri from Goodwin Law and Brad Goldring from GTC Law as they discuss:
    - M&A due diligence: trends before and during a pandemic
    - Due diligence limitations during the pandemic
    - Risk factors in M&A due diligence
    - Differentiating between open source consumer versus contributor
    - Best practices on navigating through uncertain times
  • Being a Product Counsel Even If You're Not Technical Recorded: Sep 3 2020 63 mins
    Kate Downing, Veteran In-House Product Counsel; John Tsai, Stripe; Oliver Louie, HelloSign
    The emerging role of Product Counsel is increasingly crucial for technology companies in bringing new products to market. The Product Counsel serves to bridge the gap between the companies’ business, technological, and legal stakeholders. However, the role is not limited to those with deep technical expertise; attorneys with a wide range of backgrounds and experience provide value to their organizations in the Product Counsel role.

    Watch this on-demand panel webinar hosted by Above the Law, as experts discuss:

    - Defining the role of product counsel
    - Critical knowledge pillars for the role
    - Measuring success: what are the relevant KPIs?
    - Transitioning from commercial to product counsel
  • Open Source Security Vulnerabilities in Enterprise Environments Recorded: Jun 25 2020 36 mins
    Xin Ding, Product Manager at FOSSA
    As more organizations realize the benefits of open source, its adoption keeps growing with remarkable momentum. But it also comes with its own set of security challenges. As our dependency on open source keeps growing, it becomes more urgent to understand and manage the vulnerabilities that it brings.

    Listen to Xin Ding, Product Manager at FOSSA, as he shares his thoughts on the state of open source vulnerability management and how today’s enterprises can address their security needs without disrupting their development cycle.

    Join FOSSA as we discuss:
    - Open source in Enterprise IT environments
    - Open source vulnerabilities and examples of high profile vulnerabilities
    - How open source vulnerabilities affect your business
    - Best practices to secure your open source libraries
    - Things to consider when evaluating a Vulnerability tool
  • Enterprise Software Architecture and Open Source Compliance Recorded: May 12 2020 34 mins
    Carlos Cheung — Head of Open Source, FOSSA
    Learn how the best software companies in the world are using Enterprise architecture to scale their Open Source usage & Open Source compliance. Join us as we discuss the importance of Open Source Management within Enterprise technology initiatives, and focus on how to best apply this management within the software development life cycle — no matter what methodologies you may be using.

    This webinar will cover:

    * Emerging trends in Open Source usage in the Enterprise
    * 3 major software architecture areas affecting compliance governance
    * Best practices for managing compliance governance in the Enterprise

    Presenter Carlos Cheung is the Head of Open Source at FOSSA, and also serves on the Business Advisory Council at Georgetown University's McDonough School of Business. He has held product management and software engineering roles at Optimizely, VoiceLabs and other San Francisco Bay Area SaaS companies.
Be Continuous. Automate the Risk out of Your Open Source.
Up to 90% of any piece of software is from open source, creating countless dependencies and areas of risk to manage. FOSSA is the most reliable automated policy engine for vulnerability management, license compliance, and code quality across the open source stack. With FOSSA, engineering, security, and legal teams all get complete and continuous risk mitigation for the entire software supply chain, integrated into each of their existing workflows.

  • Title: Live Webinar & Demo: SBOMs Made Simple with FOSSA
  • Live at: Sep 16 2021 4:00 pm
  • Presented by: Deepak Mehta, Director of Sales Engineering, FOSSA