Loading…
ChiBrrCon V - 2025: Wizards and Warlocks
← Back to schedule
Illuminating Transparency: The Evolution of SBOMs and Beyond LIMITED
Thursday February 13, 2025 11:15am - 12:00pm CST
↙️ Dragon's Den (Hermann Lounge)
Transparency in software and system supply chains is no longer optional—it is a necessity. With the rapid evolution of threats, compliance requirements, and technological complexity, organizations need a robust framework to manage and communicate the composition and integrity of their digital assets. This talk will explore the current and future state of transparency through Software Bills of Materials (SBOMs) and their emerging variants, such as Cryptography BOMs (CBOMs) and Machine Learning BOMs (ML-BOMs).
Attendees will gain insights into how these BOM formats address specific challenges, from ensuring quantum-safe cryptographic practices to cataloging datasets and algorithms in AI/ML systems. We will discuss the role of SBOMs in enhancing security, compliance, and risk management, while highlighting groundbreaking innovations like the autonomous sharing of supply chain artifacts and intelligence. By leveraging standards like CycloneDX, organizations can achieve seamless integration, automation, and collaboration across the supply chain ecosystem.
This session will also delve into the implications of autonomous transparency—systems that automatically generate, share, and validate BOMs and related attestations, enabling a proactive approach to security and compliance. Whether you’re a developer, security professional, or policymaker, this talk will equip you with the knowledge to navigate and influence the evolving landscape of software supply chain transparency.
Speakers
avatar for Steve Springett

Steve Springett

Director, Product Security, ServiceNow
Steve educates teams on the strategy and specifics of developing secure software.He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive... Read More →
Thursday February 13, 2025 11:15am - 12:00pm CST
↙️ Dragon's Den (Hermann Lounge)
  Third Party Risk Management, Supply Chain Management

Attendees (26)


Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link