Making Use of All Those SBOMs-Eric Byrnes

Channel:
United States SANS Institute
Subscribers:
64,400
Published on ● Video Link: https://www.youtube.com/watch?v=fzDPQex-viA


Duration: 24:56
253 views
6

Our industry has been through numerous high-profile supply chain incidents, prompting an Executive Order mandating the supply of Software Bill of Materials (SBOMs) for all “critical software.” Thanks to a fruitful collaboration between government and industry, SBOM standards are now a reality; however, outstanding questions remain on how SBOMs will actually contribute to better security. This session will discuss how SBOMs can be more than just bureaucratic paperweights: we’ll share how to convert the mountains of data inside SBOMs into actionable threat and risk intelligence. Attend this presentation to: Understand the anatomy of an SBOM Learn what additional data is necessary for SBOMs to be truly useful Discover how industry leaders are using SBOM data today and where they are heading Hear how the industry can handle the legacy device problem Understand repercussions and alternatives if a vendor can’t (or won’t) generate SBOMs for their clients You will leave this session knowing how to use SBOMs to reduce risk in your industrial control systems.

View upcoming Summits: http://www.sans.org/u/DuS

Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE



Other Videos By SANS Institute


2022-08-17SANS Netwars Core Tournament Version 8 Demo
2022-08-16Cyber Security Expertise - Where Should You Begin?
2022-08-11Kaseya Ransomware Reaction - Lessons Learned
2022-08-02The R Word: Retelling the Recent Rise and Resurgence of Resilient Ransomware-as-a-Service Operators
2022-07-29"Crime Time" | Rethinking Ransomware and How to Disrupt It
2022-07-27Security Conversations That Matter | Seat At The Table
2022-07-20The Anatomy of a Targeted Industrial Ransomware Attack
2022-07-19Enterprise Journey to Multicloud Security
2022-07-19Detection-In-Depth: Out of Band Monitoring for Critical Process Parameters-Gus Serino
2022-07-19I Can’t Get That Out of My Memory! A PLC’s Story About Love, Loss, and Triumph- Jeffrey Shearer
2022-07-19Making Use of All Those SBOMs-Eric Byrnes
2022-07-19Board Room Decisions: How to Use Threat-Informed Industrial Risk Management-Jason Christopher
2022-07-14SANS@Night - Blueprint Podcast Live [REPLAY]
2022-07-07Panel | Self-Management Strategies for Avoiding Burnout, Staying Healthy, and Getting Stuff Done
2022-07-06The Real STEM Sadie: Owning Your Story
2022-07-05Recruiting, Training, and Retaining Neurodivergent Talent
2022-07-01Blueprint Podcast Live
2022-07-01Learning to Heal: How Neurodivergent Adults Can Recover from Years of Educational Trauma
2022-06-30Panel | Dear Neurotypicals: What We Wish Co-Workers and Managers Knew
2022-06-28Keynote: The Journey to Inclusion
2022-06-23Learning to Combat Ransomware


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training