Common SBOM Challenges and How to Solve Them

Presented by

Cortez Frazier Jr. | Senior Product Manager, FOSSA

About this talk

SBOMs (software bills of materials) have increasingly become an essential part of managing software supply chain security, maintaining regulatory compliance, and fulfilling customer requests. But there are several common challenges that we’ve seen organizations struggle with as they build out their SBOM programs. These include data accuracy concerns caused by the lack of standardized component metadata, the complexity of securely distributing SBOMs to customers, and the difficulty of keeping SBOM vulnerability data up to date. Although there aren’t perfect solutions to all of these issues, there are strategies that can help address them. We invite you to join FOSSA Senior Product Manager and SBOM leader Cortez Frazier Jr. in our upcoming webinar for concrete guidance on overcoming SBOM challenges. We’ll discuss solutions and best practices for:

- Ensuring the metadata going into your SBOMs accurately reflects the intent of each data field
- Dealing with the lack of unique software component naming
- Validating the accuracy and provenance of the SBOMs you receive from your suppliers
- Keeping vulnerability and exploitability information in SBOMs up to date
- Securely distributing SBOMs to your customers
Up to 90% of any piece of software is from open source, creating countless dependencies and areas of risk to manage. FOSSA is the most reliable automated policy engine for vulnerability management, license compliance, and code quality across the open source stack. With FOSSA, engineering, security, and legal teams all get complete and continuous risk mitigation for the entire software supply chain, integrated into each of their existing workflows.