Loading…
In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, October 28 • 11:55am - 12:30pm
So, SBOMs Matter…Now What? - Sophie Wigmore & Frankie Gallina-Jones, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.


Lately, the main conversation in the software bill of materials space has largely been around why you need a SBOM to solve your security concerns, and what it can add to your secure software supply chain. At this point, community buy-in is strong, but critical questions remain undecided: How is this technology best employed in a Kubernetes setting? Which of the options in this space is right for each use case? In an emerging space within the cloud native community, there is a lot to learn, and it seems as though the best practices are changing all the time. In this session, attendees will be walked through the pros/cons of different SBOM approaches by people who have spent over a year exploring this topic, defining best practices, and building open source solutions with SBOMs. Additionally, attendees will get a demonstration of how Paketo Buildpacks-generated application images already contain an embedded SBOM, by leveraging Syft.
Speakers
avatar for Sophie Wigmore

Sophie Wigmore

Member of Technical Staff, VMware
Sophie is a software engineer at VMware Tanzu, working on Paketo Buildpacks. She is a maintainer of Paketo tooling, and buildpacks in the Ruby, .NET Core, and PHP ecosystems. She has previously spoken at CF Summit EU and US, and holds a Bachelor's degree in computer science and biology... Read More →
avatar for Frankie Gallina-Jones

Frankie Gallina-Jones

Member of Technical Staff 3, VMware
Frankie Gallina-Jones is a software engineer at VMware who works primarily on the open source Paketo Buildpacks project. Frankie maintains the Golang and .NET Core buildpacks. They have a degree in Computer Science and Mathematics from Harvey Mudd College, and currently live in New... Read More →

kubecon sboms matter slides pdf
Friday October 28, 2022 11:55am - 12:30pm EDT
420 AB
  Security + Identity + Policy