Getting Started With an SBOM Strategy

Spring 2023

The objective of this session is to provide attendees with an understanding of SBOM, including the importance of SBOM for software security and supply chain visibility, the differences in perspectives of software vendors and large enterprise consumers, and the steps for creating an effective SBOM strategy.

Agenda:

- Introduction to SBOM (Software Bill of Materials)
- The importance of SBOM for software security and supply chain visibility
- Steps for creating an SBOM strategy
- Best practices for maintaining an accurate and up-to-date SBOM
- Q&A

Target Audience: This session is suitable for anyone interested in understanding the basics of SBOM and how to get started with implementing an SBOM strategy. This includes software development teams, security professionals, procurement teams, and supply chain management professionals from both software vendors and large enterprises.

Speakers:

As Director of Information Security at Freddie Mac, Sam Satyanathan currently heads their Product/Application Security and DevSecOps organization. He started his career as a software developer, which evolved into software architecture and leadership roles before he moved into the Information Security space. Along the way, he also spent several years working in the Mobile Banking/Payments domain (Google Wallet, Apple Pay, etc.). His experience spans several banking and financial services companies, including Bank of America/Countrywide, GEICO, Citi, Federal Reserve, Capital One, and Experian, as well as companies in other industries such as Pepsi, Ericsson, Veracode, Toyota, and Aventiv. Sam holds a Bachelor’s degree in Mathematics and a Master’s in Computer Science, and is a graduate of the full-time cohort MBA program at UTD, where he continues to mentor current students in the program.

Kate Stewart works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects.

Kate was one of the founders of SPDX, and is currently the specification coordinator. She is also the co-lead for the NTIA SBOM formats and tooling working group. Since joining The Linux Foundation, she has launched the ELISA and Zephyr Projects among others, as well as supporting other embedded projects.

With over 30 years of experience in the software industry, she has held a variety of roles, worked as a developer in Canada, Australia, and the US, and for the last 20 years has managed software development teams in the US, Canada, UK, India, and China. She received her Master’s in computer science from the University of Waterloo and her Bachelor’s in computer science (co-op program) from the University of Manitoba.
