SBOMs & Attestations: New and Emerging Requirements for Software Vendors
As cyberattacks continue to target software vendors, the U.S. government is fighting back with new security requirements. Is your development team prepared to meet new standards while keeping your time to market on pace?
The White House’s new mandate requires U.S. agencies to obtain Software Bills of Materials (SBOMs) and attestations from their software vendors by June 2023. Because the order applies to any software that touches government data or systems in any way, it can affect you even if you don’t do business directly with the government.
How does this impact you? What can you do to gain and maintain compliance? Find out in this webinar for software and security leaders.
Learn more about:
– Software supply chain attacks and the industry response
– What are SBOMs and attestations?
– The industry framework, Supply chain Levels for Software Artifacts (SLSA)
– How the ActiveState Platform can generate SBOMs and attestations for open source language runtimes
Get ahead of the curve and secure your software supply chain. Plus, we’ll offer a test run of our SBOM functionality upon request.
Nicole Schwartz, Product Manager, ActiveState
Nicole Schwartz speaks about Information Security, DevSecOps, Agile, and DEI. She is currently a Product Manager at ActiveState, Chief Operating Officer for The Diana Initiative, and an organizer for the SkyTalks village at DEF CON. She holds a Master of Science in Information Technology from Clarkson University and can be found at @CircuitSwan.
Evan Cole, Solutions Engineer, ActiveState
Evan Cole engages directly with ActiveState customers to address their business challenges. He is a certified AWS Cloud Architect with a research background in AI and big data engineering.