Vulnerabilities are published now on a variety of systems and not just on software applicaitons. Industrial Controls Systems, Firewalls, supporting applicaitons, and even tier 2/Tier 3 supporting applicaitons (Log4JS anyone?) have vulnerbailities being published more frequently. How do you know if a system you are using contains the applications or the vulnerabilities published? The speaker will cover the journey of software bill of materials including challenges and have they overcame them as well as why others should embark on this journey. From how to approach the conversations internally with your applicaiton developers as well as conversations with manufacturers and third parties. If you read Nutrition Facts on the side of cereal boxes but don't know if you have MoveIt installed in your network this presentation is for you!