Steve Springett, an expert in secure software development and a key figure in several OWASP projects is back. Steve unpacks CycloneDX and the value proposition of various BOMs. He gives us a rundown of the BOM landscape and unveils some new BOM projects that will continue to unify the security industry. Steve is a seasoned guest of the show so we learn a bit more about Steve's hobbies, providing a personal glimpse into his life outside of technology. 

Links from this episode:

https://cyclonedx.org/

Previous episodes with Steve Springett:
JC Herz and Steve Springett -- SBOMs and software supply chain assurance

Steve Springett — An insiders checklist for Software Composition Analysis

Steve Springett -- Dependency Check and Dependency Track

Book:
Software Transparency: Supply Chain Security in an Era of a Software-Driven Society by Chris Hughes and Tony Turner

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~