k23 - Future of Transparency is Coming Ready to Air Out Your Securitys Dirty Laundry - David Lindner

In 2022, we saw the government make moves to mandate transparency to stop cyberattacks through the release of new regulations. This roster of new cybersecurity regulations and enforcement includes the Office of Management and Budget’s (OMB) new guidance built upon President Biden’s May 2021 cybersecurity executive order with the aim of ensuring that federal agencies only use secure software. This begs developers to ask themselves the question: Am I ready to strip naked, technology-wise and air out my security’s dirty laundry now? Or am I keeping the details of my software ecosystem close to the vest, hidden from data pickpockets like it’s the cyber-equivalent of a tourist’s tucked-away money belt? In this session, I will do an overview of the key components you need to get your security ready to bare it all - everything from what a Software Bill of Materials (SBOM) is, inventory management of third-party components, detection, open-source software (OSS), license compliance to automated security testing. You walk away knowing what you need to do to make your security ready to go public confidently.