Software Bill of Material: A Three Step Plan for Maximum Effectiveness

Fall 2023

Join Steve Westmoreland in an insightful ONUG session on the “Software Bill of Material (SBOM): A Three-Step Plan for Maximum Effectiveness.” Dive deep into the intricacies of SBOM, learn actionable strategies for inventorying, monitoring, and integrating software components, and engage directly with a leading expert to enhance your organization’s software management and security practices.

-Welcome and introduction by host: Brief on the importance of the Software Bill of Materials in today’s digital age. -Presentation by Steve Westmoreland
a. Understanding the SBOM
– What is an SBOM?
– Why do we need an SBOM?
– The rise of SBOM in modern software management

b. The Three-Step Plan for Maximum Effectiveness
– Inventory and Categorization
– Importance of a comprehensive inventory
– Tools and methodologies for creating an inventory
– Categorizing software components for easy management
-Networking Session: Attendees can engage with Steve and other professionals, exchange thoughts, share insights, and discuss collaboration opportunities.


Stephen (Steve) Westmoreland is a Senior Manager in the Consulting practice of Ernst & Young LLP.

Steve is part of Ernst & Young’s Cyber Security practice focusing on Application Security, Cloud Architectures, Secure-By-Design Architectures, and Advanced Security Operations.

With more than 35 years of experience in Information Technology and Information Security, he has held numerous executive and technology leadership roles ranging from technology start-ups to Fortune 50 corporations. He has an extensive background in Cloud Transformation, DevSecOps architecture/deployment, Information Security Operations, and Information Security Continuous Compliance. He has successfully designed, architected, and implemented Cyber Security programs that address extremely high compliance requirements while addressing the cultural shift within the organizations to support those programs long term.

Steve has a broad range of participation and interest in advanced Cloud technologies acting as an advisor and contributor to many Open-Source projects involving Kubernetes, Observability, Service Mesh, OpenTelemetry, Edge compute systems, Software Bill of Materials and DevSecOps Automation.

Related events