Cryptography Bill of Materials (CBOM) - Steve Springett

Описание: NOTE: Due to technical issues the first few minutes of this talk were not recorded

Cryptography Bill of Materials (CBOM) is an object model to describe cryptographic assets (short crypto-assets) and their dependencies. CBOM is an extension of the CycloneDX standard for Software Bill of Materials (SBOM), with notions to model crypto assets. CycloneDX was originally designed for use in application security and supply chain component analysis and is the SBOM format most aligned with the CBOM use case.

SPEAKER BIO:

Steve Spingett (OWASP Board Member)
Steve educates teams on the strategy and specifics of developing secure software. He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive programming techniques.
Steve's passionate about helping organizations identify and reduce risk from the use of third-party and open source components. He is an open source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS), and is the Chair of the OWASP CycloneDX Core Working Group, a Software Bill of Materials (SBOM) Standard

NOTE: Due to technical issues the first few minutes of this talk were not recorded
Slides: Presentation slides can be downloaded here: https://github.com/OWASP/www-chapter-...

This talk was presented at the OWASP NYC Chapter Meeting on March 20th, 2024 kindly sponsored by Apiiro.

------
The OWASP® Foundation (https://owasp.org/) works to improve the security of software through its community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences.

#OWASP #OWASPNYC #SBOM