Updates from the CISA SBOM Working Groups 

Summary:

The Cybersecurity and Infrastructure Security Agency (CISA) hosts multiple workstreams on SBOM Sharing & Exchanging, Tooling & Implementation, On-Ramps & Adoption, Cloud & Online Applications, and Vulnerability Exploitability eXchange (VEX). The Agency recently hosted an “SBOM-a-Rama” to provide updates from these groups, industry groups (Finance, Automotive, Healthcare) executing on SBOMs, as well as from international partners.  

Fortress has been tracking these working groups and plans to debrief the community with updates on the current state of the conversation in the working groups, their recently released deliverables, as well as what is on the horizon.  

Duration: 37 Minutes

Speakers:

• Brian Cowan, Product Owner at Fortress
• Brad Whipple, Lead Security Engineer at Fortress