Thank you so much to those of you who were able to participate in the CISA SBOM-a-rama. We were blown away by the level of interest and the engagement, from a host of different perspectives, and from leaders around the world. The discussion and contributions from this one event advanced our general understanding of opportunities of transparency.
Day 1 focused on how we can SBOM today. Day 2 focused on identifying further work to make this easier, cheaper, more scalable, and more effective. Participants identified a huge range of potential work. Some of the areas identified includes: SBOM for Cloud/SaaS, Managing SBOM Data, Tooling, “On Ramps” to Help People use SBOM, Sharing & Exchanging SBOMs, Technical Implementation Details, and Embedded Systems & Firmware. We will send out more detailed plans for next steps early in January.
We anticipate having further public events periodically to share progress and solicit broader feedback.
Recordings of the CISA SBOM-a-rama:
Day 1: Wednesday, December 15th: 12 PM – 3 PM ET
Day 2: Thursday December 16th: 12 PM – 3 PM ET
To make sure you receive updates on CISA SBOM work, please contact SBOM@cisa.dhs.gov.