10-27, 18:20–18:25 (Europe/Berlin), Main stage
Software Bill Of Materials (SBOMs) are booming (or sBO(O)Ming) today, becoming a backbone of many Software Supply Chain security and compliance efforts. This session will cover the speakers' real-world experiences when they created their own SBOM format and put it in production long before SBOM became a thing. We will talk about SBOM basics, formats, and industry standards, showcase three stages for SBOM management (collection/producers, distribution/storage, and analysis/consumers), walk you through various rapidly growing tools from each category, and discuss strategies for building your own built-to-your-spec solution.
We will demo how to generate, collect, store and consume SBOMs using open-source projects. You'll leave this talk with a deeper understanding of SBOM and how to properly use it to increase transparency, security, and compliance in your Software Supply Chain.
Co-founder and CEO at Chainloop and one of the maintainers of Chainloop OSS. Product Leader with over a decade of expertise building applications around Open Source and Software Supply Chain Security at Bitnami (Engineering) and VMware (Product Management). Dad, biker, and backcountry skier, tunning his campervan in his free time.