Software Bill of Materials and its impact on Enterprise DevOps @DevOps Vancouver Meetup
January 25, 2022
Bill Manning from JFrog introduced us to the Software Bill of Materials and its impact on Enterprise DevOps.
Bill Manning from JFrog will introduce us to the Software Bill of Materials and its impact on Enterprise DevOps. With the White House’s cybersecurity executive order in May 2021, has the Software Bill of Materials (aka SBOMs) graduated from being a “nice to have” to a “must-have” global standard when developing and deploying secure software from the cloud? In a nutshell, SBOMs provide visibility into which components make up a piece of software and detail how it was put together, so it’s easy to determine if it contains security and compliance issues. In this talk, we’ll discuss:
• What exactly is an SBOM?
• Securing your Software Supply Chain
• Why SBOM must be a key element of your software development life cycle’s (SDLC) security and compliance approach
• The misconceptions that exist around SBOMs
• Insights and best practices on SBOM creation and usage.
Bill is a Solutions Architect with JFrog. He is also a mentor with TechStars, Matter, and NestGSV. He has successfully exited 3 companies and took one public in Australia. He is also currently helping various startups as an advisor. In his spare time, he likes to travel with his wife and two boys. He also plays guitar, loves the ocean, and is an avid cyclist.
In the second part, Willy Schaub will talk about his experience setting up a common engineering system at WorkSafeBC.
Explore the trajectory of our Common Engineering ecosystem
In recent Meetups, we introduced our efforts to establish a common engineering system to empower our engineering teams and strive for consistency, standardization, security, and continuous innovation. After we operated like the Rebel Alliance on the ice planet Hoth, I received the opportunity to create and lead a common engineering team that operates at the heart of our organization. We have an ambitious goal to empower every engineer by standardizing our engineering practices and tools and enabling continuous delivery of value to delight end-users. In this brief overview, you will get an update on where we are on our thrilling roadmap.
Willy-Peter Schaub started his IT career when computer memory was measured in kilobytes and storage in megabytes. He is a software engineer who strives for simplicity and maintainability, continuously experimenting, failing, learning, and innovating to foster healthy DevOps mindsets and empower communities and fellow engineers. Explore some of his publications, and connect with him on www.twitter.com/wpschaub and www.linkedin.com/in/wpschaub.