In recent years we’ve seen countless tech companies deal with supply chain issues. SBOMs and SBOM management efforts have become one way to address software supply chain issues, but not all SBOMs are created equally. To be effective, an SBOM must accurately capture all components used within the application. This includes all code, regardless of whether its internally developed code or from an external source. Risk mitigation efforts related to each of these sources will impact the security, reliability and sustainability of an application – and ultimately how trustworthy the software is.

Speaker: Tim Mackey, Head of Software Supply Chain Risk Strategy, Synopsys