SBOM Executive Order 14028: Securing the software supply chain

In this ReversingGlass, Matt Rose gives an overview of the U.S. Executive Order 14028 and Memorandum M-22-18, which now mandate that any software provider in business with the Federal Government self-attest to having secure software. Matt explains that starting with a comprehensive Software Bill of Materials (SBOM) is the best way to do this.

Keep learning

• WH memo calls for supply chain security
• Special: The State of Supply Chain Security
• Get a free SBOM and supply chain risk analysis

Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.

SBOM Executive Order 14028: Securing the software supply chain

Typosquatting and software supply chain security

SCA Is Good. SSCS Is Better.

Reproducible Builds: Graduate Your Application Security

Spectra Assure Free Trial