CISA is issuing guidelines on the SBOM. NIST released Version 2.0 of the Cybersecurity Framework, discussing SBOMs. By 2026, 60% of organizations procuring mission-critical software solutions will mandate SBOM disclosures from their vendors, according to Gartner.
Still, many software producers struggle to operationalize SBOMs as a routine part of their development process. Moreover, third-party risk professionals need accountability and transparency from their vendors, assuring them that the SBOMs ingested provide the full application risk profile.
In this webinar, RL Chief Trust Officer, Saša Zdjelar, and Sr. Product Marketing Manager, Joe Coletta, are joined by ExtraHop’s Sr. Engineering Manager, Christopher Chan, to discuss these new guidelines and regulations, and why the SBOM matters in curbing software supply chain risk.
You’ll come away with a first-hand account of how ExtraHop institutes SBOMs as a routine part of its software development lifecycle (SDLC), and how they are used to flag threat categories beyond just vulnerabilities.
Key discussion points include:
- ✓ Key legislation mandating SBOMs including guidance from NIST, CISA, the FDA, and the EU, and what regulators expect
- ✓ Best practices in operationalizing SBOMs for both software producers and buyers
- ✓ Common missteps in focusing solely on open-source software (OSS) components
- ✓ A practitioner perspective on how SBOMs can be integrated within the SDLC
Watch On Demand Now!