Demystifying Kubernetes Bill of Materials (KBOM): A Crucial Asset for Enterprise Cybersecurity

Fall 2023

In this insightful session, we’ll explore the intricacies of the Kubernetes Bill of Materials (KBOM), highlighting its indispensable role for cybersecurity professionals in managing and securing enterprise Kubernetes deployments. Attendees will gain a comprehensive understanding of the KBOM, its functionalities, and its vital contribution to enhancing transparency, traceability, and security in today’s increasingly Kubernetes-centric infrastructure.
-Introduction to Kubernetes Bill of Materials (KBOM)
-Understanding KBOM: Key Components and Functionalities
-The Role of KBOM in Kubernetes Deployment Management
-Real-World Application: Case Studies of KBOM in Action
-Why KBOM Matters: Its Significance for Enterprise Cybersecurity Professionals
-Q&A and Discussion: Addressing Your KBOM Queries

Who Should Attend: This session is tailor-made for cybersecurity professionals, IT managers, DevOps engineers, CIOs, CTOs, and those responsible for managing Kubernetes deployments. It’s also ideal for individuals keen on understanding new tools and strategies to strengthen their organization’s cybersecurity posture in a Kubernetes-driven landscape.


Stephen (Steve) Westmoreland is a Senior Manager in the Consulting practice of Ernst & Young LLP.

Steve is part of Ernst & Young’s Cyber Security practice focusing on Application Security, Cloud Architectures, Secure-By-Design Architectures, and Advanced Security Operations.

With more than 35 years of experience in Information Technology and Information Security, he has held numerous executive and technology leadership roles ranging from technology start-ups to Fortune 50 corporations. He has an extensive background in Cloud Transformation, DevSecOps architecture/deployment, Information Security Operations, and Information Security Continuous Compliance. He has successfully designed, architected, and implemented Cyber Security programs that address extremely high compliance requirements while addressing the cultural shift within the organizations to support those programs long term.

Steve has a broad range of participation and interest in advanced Cloud technologies acting as an advisor and contributor to many Open-Source projects involving Kubernetes, Observability, Service Mesh, OpenTelemetry, Edge compute systems, Software Bill of Materials and DevSecOps Automation.

Kris is Senior Vice President of Cloud Native Technologies at KCS. He is a leading expert on cloud technology and cloud security. Kris is responsible for engineering, management of distributed teams and execution. He is driven to ensure “on time / on spec / on quality” deliveries to global customers and has empowered some of the largest and most prestigious organizations and enterprises with secure / compliant cloud solutions.

Earlier, Kris was President at Biarca, a Cloud-native technology consultancy. Biarca takes a DevOps centric view of the world in building solutions around infrastructure modernization, cloud native applications, Analytics and Site Reliability Engineering.

Kris was Vice President of Engineering Services for Sullego, Inc a NAS startup with a state of the art product but had fallen victim to the economic downturn. Before that Kris was the Director of Program Management for Xyratex Storage Network System division and was instrumental in successfully launching a new product line of Storage Appliance to the market. Before joining Xyratex, Kris was Director of Program Management and offshore Engineering of Snap Appliance / Adaptec Inc. Before moving to the Bay Area, Kris was a member of the Advanced Sensor Technology Center at Goodrich Aerospace and was responsible for several successful research initiatives.

Kris is a Stanford Certified Program Manager and holds a Ph.D. from Penn State University.

Related events