In this conversation, Robert Martin of MITRE talks about how the software supply chain is highly complicated, due to an increasing number of things in society becoming cyber-enabled. He and MITRE created the System of Trust (SoT) so that organizations can consider the most important aspects of the software supply chain, giving a more holistic context into the chain’s subsets. The SoT’s goal is to promote transparency, allowing developers to see all of the players in the supply chain. Martin explained how software is not written neatly end to end, but rather is built with drivers, dependencies, and frameworks that give the supply chain depth and magnitude. If software practitioners are not given visibility into this complicated picture, they will miss the software supply chain risks that pose a threat to their organizations. He stresses that Software Bills of Materials (SBOMs) should be included in this effort, but that practitioners should refer to the SoT in order to best utilize an SBOM, giving them the best chance of mitigating software supply chain risks.
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other recent transcribed episodes
Transcribed and ready to explore now
3ª PARTE | 17 DIC 2025 | EL PARTIDAZO DE COPE
01 Jan 1970
El Partidazo de COPE
13:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
10:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
13:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana