S3E26: Mark Curphey - Challenges in SCA/SBOM and Modernizing OWASP

- You recently wrote an article about the SBOM Frenzy being Pre-Mature. For those not familiar with SBOM's, what is an SBOM and what has led to the frenzy as you call it?- In your article you discuss challenges related to the build environments and hosts that can cause different outputs and SBOM's unless a build occurs on two identical machines. Can you explain why that is? - What role do you think emerging frameworks such as SLSA or SSDF and higher maturity requirements for things such ...