Example Track 1

Software Bill of Materials: Transparency in the Software Supply Chain

Jan 19, 2021

11:00 AM - 11:25 AM

Allan Friedman, PhD

Director of Cybersecurity Initiatives, National Telecommunications and Information Administration

Department of Commerce

The first step to better security in the software supply chain is understanding what we have. All modern software is built on smaller components. A "software bill of materials" (SBOM) tracks those underlying components, enabling better development, risk management, vulnerability management, and incident response. This presentation will summarize the international, cross-sector work convened by NTIA to establish the technical and operational basics of SBOMs to enable further supply chain security work.