SBOMs, HBOMs, and Supply Chain Visibility - BTS #50 episode artwork

EPISODE · May 15, 2025 · 45 MIN

SBOMs, HBOMs, and Supply Chain Visibility - BTS #50

from Below the Surface (Audio) - The Supply Chain Security Podcast · host Paul Asadoorian

Summary In this episode, Paul Asadoorian and Joshua Marpet delve into the complexities of compliance, inventory management, and the emerging concepts of SBOMs, HBOMs, and FBOMs (no, not that FBOM). They discuss the importance of understanding the components and origins of hardware and software, the challenges of managing technology lifecycles, and the need for clear standards and regulations in the tech industry. The conversation emphasizes the critical role of asset inventories in maintaining security and compliance in an ever-evolving technological landscape. In this conversation, Joshua Marpet and Paul Asadoorian delve into the complexities of hardware security, the cultural shifts needed in security practices, and the importance of transparency in software and firmware management. They discuss the challenges posed by hardware backdoors, the necessity of Software Bill of Materials (SBOMs), and the hidden risks associated with firmware updates. The dialogue emphasizes the need for a cultural change in how organizations approach security and compliance, advocating for continuous management and transparency to inspire confidence in security practices. Chapters 00:00 Introduction and Technical Challenges 02:02 Exploring Compliance and Frameworks 05:06 Understanding S-bombs, H-bombs, and F-bombs 10:10 The Importance of Inventory and Asset Management 15:01 Navigating Hardware and Software Lifecycle 19:58 Standards and Regulations in Technology 23:56 The Manchurian Microchip and Hardware Backdoors 27:44 Cultural Change in Security Practices 30:47 The Importance of Transparency and SBOMs 36:39 Challenges in Compliance and Risk Management 42:42 The Hidden Risks of Firmware and Hardware Updates

NOW PLAYING

SBOMs, HBOMs, and Supply Chain Visibility - BTS #50

0:00 45:01

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Below the Surface (Audio) - The Supply Chain Security Podcast?

This episode is 45 minutes long.

When was this Below the Surface (Audio) - The Supply Chain Security Podcast episode published?

This episode was published on May 15, 2025.

What is this episode about?

Summary In this episode, Paul Asadoorian and Joshua Marpet delve into the complexities of compliance, inventory management, and the emerging concepts of SBOMs, HBOMs, and FBOMs (no, not that FBOM). They discuss the importance of understanding the...

Can I download this Below the Surface (Audio) - The Supply Chain Security Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!