A Standardized Approach to SBOM – Dan McKinney – ASW #173
In this segment, Mike and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG keys and signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to the security of your assets.
This segment is sponsored by Cloudsmith.
Visit https://securityweekly.com/cloudsmith to learn more about them!
Guest
With over 10 years in the world of engineering, Dan currently leads Developer Relations at Cloudsmith. Bridging the gap between customer success, engineering, and marketing, Dan is incredibly passionate about helping people and organizations implement and adopt technologies that secure their software supply chain. In addition to Developer Relations, Dan is also the voice and creator behind Cloudsmith’s YouTube tutorials, guides, and the key writer behind all blogs and documentation. Fun fact: Dan is also a professional DJ with over 2,000 gigs under his belt alongside some of the biggest names in the industry.