Transparency in Action: A Candid Discussion on the "Good" and the "Evil" of SBOMs

Did you miss Larry Pesce's presentation at RSAC 2024? Don't worry, we've got good news for you! We're excited to announce a follow-up webinar on June 20, 2024, where Larry will dive even deeper into the crucial topic of Software Bills of Materials (SBOMs) and their impact on cybersecurity.

Recap of Larry Pesce's RSAC 2024 Talk

At RSAC 2024, Larry Pesce, Director of Research & Analysis at Finite State, delivered a thought-provoking talk on the dual nature of SBOMs. He discussed how SBOMs are essential for cybersecurity transparency but also highlighted potential risks if they are not properly managed.

Key Points from Larry's Talk:

1. The Dual Role of SBOMs: Larry emphasized that while SBOMs are critical for identifying and managing vulnerabilities, they can also be exploited by attackers if left unsecured. Organizations therefore need to balance transparency with robust security measures.

2. Potential Misuses of SBOMs: Larry provided examples of how malicious actors can use SBOMs to identify unpatched vulnerabilities in software components. He shared insights into the tactics, techniques, and procedures (TTPs) used by adversaries to exploit these vulnerabilities.

3. Defensive Strategies and Ethical Use: Larry highlighted the importance of developing defensive strategies to protect against the misuse of SBOMs. He presented case studies and offered expert advice on how organizations can use SBOMs ethically and effectively to enhance their security posture.

Join Our Webinar on June 20, 2024!

To continue this critical conversation, we invite you to join our upcoming webinar: "Transparency in Action: A Candid Discussion on the 'Good' and the 'Evil' of SBOMs." Larry Pesce will lead this session, providing further insights and practical strategies for leveraging SBOMs in your organization.

Webinar Details:

  • Who: Larry Pesce, Director of Research & Analysis, Finite State
  • When: June 20, 2024
  • Where: Zoom (we'll send the link!)

What You’ll Learn:

  • Potential Misuses of SBOMs: Learn how attackers could exploit SBOMs to find and attack vulnerabilities.
  • Real-World Exploitation Tactics: Understand the TTPs that adversaries use to manipulate SBOMs.
  • Defensive Strategies Against SBOM Exploitation: Discover expert tips and case studies to protect your organization.

Finite State’s Commitment to Ethical SBOM Use

Finite State is dedicated to promoting the ethical use of SBOMs as a cornerstone of cybersecurity. We are committed to the proactive defense of digital infrastructures and advocate for the responsible use of SBOMs to address potential threats in critical systems such as energy, automotive, and healthcare.

This webinar is a must-attend for industry partners and stakeholders who are committed to leveraging transparency to strengthen defenses and prevent exploitation. Together, we can foster the responsible use of SBOMs and enhance the security of our digital world.

You'll be able to register soon to gain critical insights into turning potential vulnerabilities into robust defensive strategies. Don't miss this opportunity to learn from Larry Pesce and join us in promoting the ethical use of SBOMs for a safer cybersecurity landscape.

Watch here for the link to register!

We look forward to seeing you at the webinar and continuing this important conversation on SBOMs and cybersecurity!