Conference:  SupplyChainSecurityCon 2022

Authors: Katie Bratman, Adam kojak

2022-06-21

The proliferation of medical devices in healthcare environments and the reliance on third-party components in modern software design catalyzed NewYork-Presbyterian’s engagement in Software Bill of Materials (SBOM) initiatives. SBOMs provide new transparency that is essential for mitigating the risks associated with diverse software in today’s enterprise.Organizations, regardless of size or industry vertical, require a complete inventory of software, full visibility into underlying components, and comprehensive insight into vulnerabilities. NYP has developed an open source platform that provides this essential visibility and insight.Join this session to learn more about NYP’s use of SBOMs in action!

Conference:  KubeCon + CloudNativeCon Europe 2022

Authors: Frederick Kautz, Andres Vega

2022-05-18

SPIFFE aims to strengthen the identification of software components in a common way that can be leveraged across distributed systems by anyone, anywhere. The ability to maintain software security by standardizing how systems define, attest, and maintain software identity, regardless of where systems are deployed or who deploys those systems, confers many benefits. The use of SPIFFE can significantly reduce costs associated with the overhead of managing and issuing cryptographic identity documents and accelerate development by removing the need for developers to understand the complexity involved to secure service-to-service communication, but that is not the only outcome. Production identity can have a positive impact on many areas such as interoperability, compliance, audibility, and more. This presentation demonstrates the real world scenarios and outcomes of deploying SPIFFE across your infrastructure and also using it to bridge and integrate the infrastructure of others.Click here to view captioning/translation in the MeetingPlay platform!