Detailed Asset Management for Software and Hardware: how do SBOM and HBOM impact security?
Asset management is the first prerequisite for understanding an organization’s real risk exposure. But a simple inventory of devices and software packages is often not enough. To respond quickly to vulnerabilities and incidents, you need to know the components inside your hardware and software – this is where SBOMs and component-level visibility matter.
SSL-related incidents showed how a single vulnerable component can make a difference, particularly when that component is used in 100 different applications. If you already have component-based asset management in place, you can rapidly identify where a component is used, prioritize the most exposed systems, and drive remediation (patching, upgrades, compensating controls) with much less downtime. If you must first build the inventory during a crisis, the time you remain vulnerable – and the operational impact – becomes significantly longer.
Speeches:
SBOM and requirements today and in future: What is it, why we do it and how to manage stakeholder expectancy?
Daniel Heppner, Head of Intelligence & Defence, Roche Diagnostics
Implementation and Experience: How to identify KPI, organize data gathering, and sharing dos and don’ts?
Chris Ditze-Stephan, HSLU lecturer and OT Expert @ zentric
Roundtable 1:
SBOM definitions and goals: By when and how to successfully initiate a project?
Roundtable 2:
The journey of SBOM implementation: What are the critical factors for sustainable success?