PowerPoint Presentation (slides 1 to 16: thumbnail images only, no text extracted)
Chris Gates, Velentium
Mike Powers, Christiana Health
Sounil Yu, BoA
Chris Robbins, RedHat
Bob Martin, DoD
Josh Corman, PTC
Slide 17
N/A | Developers | Custodian
Monitor NVD
Monitor News
?Coordinated Vulnerability Disclosure?
?Secure Coding? ?Security Requirements?
?Security Training?
Build
Produce Bill of Materials
Test
Release
POST Bill of Materials
Slide 18
Architect/Lead | Developers | Owner/PSIRT
Monitor NVD
Monitor News
?Coordinated Vulnerability Disclosure?
?Secure Coding? ?Security Requirements?
?Security Training?
Produce Bill of Materials
Build
Evaluate Direct Dependencies
Evaluate Inherited Dependencies
Project Parts M if t
New Parts Need
Test
Release
Slide 19
Architect/Lead | Developers | PSIRT
Monitor NVD
Monitor News
?Coordinated Vulnerability Disclosure?
?Secure Coding? ?Security Requirements?
?Security Training?
Produce Bill of Materials
Build
Evaluate Direct Dependencies
Evaluate Inherited Dependencies
Project Parts M if t
New Parts Need
Test
Regulator Approval
Notify Regulator
?Notify CERTs?
Slide 20
Procurement | IT/Operations | SoC/NoC/MSSP
Monitor NVD
Monitor News
Monitor Supplier Alerts
Evaluate SBoM
RFP Definition
Request SBoMs
Factor Mitigations
Select/Purchase/MSA Suppliers/Goods
Seek Least Vulnerable version
Test
Go LIVE!
AM I affected?
WHERE am I Affected?
Security/Risk
Ts & Cs Boilerplate
20% off if none
Prohibited Tech?
Compare Hygiene
Leverage SBoM
Acquisition
Slides 21 to 26: graphics only, no text extracted