The XBOM vs SBOM debate

November 21, 2023 at 09:00AM

Webinar: Learn why a Software Bill of Materials (SBOM) may not provide sufficient protection for your application’s attack surfaces. Introducing an eXtended Software Bill of Materials (XBOM) that offers a more accurate and comprehensive view of your application, infrastructure, and pipeline components. Join the webinar on 28 November at 5pm GMT/12pm ET/8am PT to find out more and enhance your security program. Sign up here and receive a reminder. Sponsored by Apiiro.

From the meeting notes, it appears that the main topic discussed was the importance of having a Software Bill of Materials (SBOM) to meet regulatory and buyer requirements. However, there was a question raised about whether SBOM provides enough protection, considering its limited view into interconnected and ever-changing application attack surfaces.

The US Government introduced SBOM in May 2021 through its Executive Order on Improving the Nation’s Cybersecurity. SBOM is a tool that helps manage and secure applications by providing a comprehensive list of software components, dependencies, and metadata associated with an application.

While SBOM surveys the foundational building blocks of an application, there is a suggestion that it may not be sufficient. It is proposed that an eXtended software bill of materials (XBOM) could provide a more accurate and comprehensive view of application, infrastructure, and pipeline components. XBOMs can build on top of SBOMs and offer an exhaustive inventory of application and supply chain components, associated risks, and how they change over time.

To learn more about the benefits and shortcomings of SBOM and the advantages of implementing an XBOM, the team recommended joining the upcoming webinar titled “Why You Need an XBOM: An eXtended Software Bill of Materials” on 28 November at 5pm GMT/12pm ET/8am PT. The webinar, sponsored by Apiiro, will provide insights on how an XBOM can enhance application and supply chain security programs.

Those who sign up for the webinar will receive a reminder when the event is about to begin.
