LeanAppSec

Resharing for reach! Get out there and do some networking... the kind without computers. 🤣 🌲 Kayra Otaner #security #cybersecurity #meetup #hike #nyc

Useful and informative from Endor Labs - still not up to speed with SBOMs?

🔊 It’s Webinar Day! And we’re talking about Open Source Program Office (OSPO). Join Chris Hughes, Chief Security Advisor at Endor Labs and Russ Eling of OSS Consultants in an hour at 9 a.m. PT / 12:00 p.m ET as they answer the most asked questions about OSPOs. See you in a bit! https://hubs.ly/Q02HkZpH0

Have you taken the LeanAppSec SBOM academy course yet? We designed this course to help you learn: 💫 Why do we need SBOMs 💫 What actually is an SBOM 💫 What is a VEX document 💫 How are SBOMs produced, consumed, stored, and managed 💫 Why SBOMs are only a part of your software inventory It’s a power packed 60 minute course and it’s FREE! Link to the course: https://hubs.ly/Q02HkW_J0

Open Source Program Office (OSPO) There's been a lot of talk lately about OSPO's But what exactly is an OSPO and why should you have one? How do you go about getting leadership buy in for establishing an OSPO? What industry resources can you leverage to get started? I'll be diving into that and much more with Russ Eling of OSS Consultants next week, July 24th at 12ET. We will also be doing a live Q&A! Be sure to join us over at LeanAppSec by Endor Labs #ciso #cyber #supplychainsecurity

Only one week left until the "𝐖𝐡𝐚𝐭 𝐢𝐬 𝐚𝐧 𝐎𝐒𝐏𝐎?" live webinar! Join us as we cover: ✅ What an Open Source Program Office (OSPO) can include ✅ Who should be part of the OSPO ✅ The value and benefits of an OSPO ✅ Lessons learned from OSPOs Russ Eling, founder of OSS Consultants and creator of one of the first large-scale OSPO programs and Chris H., Chief Security Advisor at Endor Labs & President, Aquia will be diving into these topics during the webinar. Got more questions about #OSPOs? Drop them in the comments below. https://lnkd.in/gB2jsXe6

🚀 We just launched a new course – Intro to 𝐒𝐁𝐎𝐌𝐬 𝐟𝐨𝐫 𝐀𝐩𝐩𝐒𝐞𝐜 𝐚𝐧𝐝 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞! SBOMs are helpful, not just for compliance but for vuln and incident management; they're also more nuanced and harder than you think. 𝐂𝐡𝐞𝐜𝐤 𝐨𝐮𝐭 𝐭𝐡𝐞 𝐜𝐨𝐮𝐫𝐬𝐞 𝐢𝐟 𝐲𝐨𝐮: 💬 𝐖𝐚𝐧𝐭 𝐭𝐨 𝐫𝐞𝐬𝐩𝐨𝐧𝐝 𝐪𝐮𝐢𝐜𝐤𝐥𝐲 𝐭𝐨 𝐬𝐮𝐩𝐩𝐥𝐲 𝐜𝐡𝐚𝐢𝐧 𝐢𝐧𝐜𝐢𝐝𝐞𝐧𝐭𝐬:Use SBOMs to track where you have affected components 🏛️ 𝐂𝐚𝐫𝐞 𝐚𝐛𝐨𝐮𝐭 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞: Learn how you can generate and share SBOMs with auditors/regulators 🔧 𝐖𝐚𝐧𝐭 𝐭𝐨 𝐛𝐮𝐢𝐥𝐝 𝐚 𝐦𝐚𝐭𝐮𝐫𝐞 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐫𝐨𝐠𝐫𝐚𝐦: An SBOM shows your organization has a well-developed security practice. https://lnkd.in/gQ_ukbkh #SBOM #AppSec #Compliance

Join us on Wednesday, July 24th at 9:00 a.m. PT to discuss -  𝐖𝐡𝐚𝐭 𝐢𝐬 𝐚𝐧 𝐎𝐒𝐏𝐎? Our speaker for this session is Russ Eling, founder of OSS Consultants and creator of one of the first large-scale Open Source Program Office (OSPO) programs. We'll discuss: 👉🏼 What an OSPO can include 👉🏼 Who should be part of the OSPO 👉🏼 The value and benefits of an OSPO 👉🏼 Lessons learned from OSPOs https://lnkd.in/gnHW9nMQ #ospo #oss #webinar #compliance

Join us for our next live event: 𝐖𝐡𝐚𝐭 𝐢𝐬 𝐚𝐧 𝐎𝐒𝐏𝐎? The creation of an Open Source Program Office (OSPO) is an established way for organizations to govern and control the consumption (and production) of OSS in a uniform or standardized way. Our speaker for this session is Russ Eling, founder of OSS Consultants and creator of one of the first large-scale OSPO programs. He will share: 👉 What an OSPO can include 👉 Who should be part of the OSPO 👉 The value and benefits of an OSPO 👉 Lessons learned from OSPOs #ospo #oss #webinar #compliance

The #DevSecOpsConnectVirtual is next week, and our friend Chris H. (Chief Security Advisor, Endor Labs & President, Aquia) will be talking about 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 𝐢𝐧 𝐭𝐡𝐞 𝐀𝐠𝐞 𝐨𝐟 𝐀𝐈 𝐚𝐧𝐝 𝐎𝐒𝐒. Register for free: https://hubs.ly/Q02BsBk40 Chris's session details: 📆 Tuesday, June 18, 2024 ⌚ 1:45 PM - 2:15 PM 𝘛𝘩𝘪𝘴 𝘴𝘦𝘴𝘴𝘪𝘰𝘯 𝘸𝘪𝘭𝘭 𝘥𝘪𝘴𝘤𝘶𝘴𝘴 𝘵𝘩𝘦 𝘳𝘪𝘴𝘦 𝘰𝘧 𝘈𝘐 𝘢𝘯𝘥 𝘓𝘓𝘔𝘴 𝘢𝘯𝘥 𝘵𝘩𝘦 𝘳𝘰𝘭𝘦 𝘰𝘧 𝘰𝘱𝘦𝘯 𝘴𝘰𝘶𝘳𝘤𝘦 𝘴𝘰𝘧𝘵𝘸𝘢𝘳𝘦 (𝘖𝘚𝘚) 𝘪𝘯 𝘵𝘩𝘪𝘴 𝘦𝘷𝘰𝘭𝘷𝘪𝘯𝘨 𝘴𝘱𝘢𝘤𝘦. 𝘐𝘵 𝘸𝘪𝘭𝘭 𝘤𝘰𝘷𝘦𝘳 𝘵𝘩𝘦 𝘤𝘰𝘯𝘷𝘦𝘳𝘨𝘦𝘯𝘤𝘦 𝘰𝘧 𝘖𝘚𝘚 𝘢𝘯𝘥 𝘷𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘮𝘢𝘯𝘢𝘨𝘦𝘮𝘦𝘯𝘵 𝘢𝘯𝘥 𝘴𝘰𝘧𝘵𝘸𝘢𝘳𝘦 𝘴𝘶𝘱𝘱𝘭𝘺 𝘤𝘩𝘢𝘪𝘯 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺. 𝘐𝘵 𝘸𝘪𝘭𝘭 𝘤𝘰𝘷𝘦𝘳 𝘵𝘩𝘦 𝘯𝘶𝘢𝘯𝘤𝘦𝘴 𝘢𝘯𝘥 𝘤𝘰𝘮𝘱𝘭𝘦𝘹𝘪𝘵𝘪𝘦𝘴 𝘰𝘧 𝘖𝘚𝘚 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘢𝘯𝘥 𝘷𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘮𝘢𝘯𝘢𝘨𝘦𝘮𝘦𝘯𝘵 𝘢𝘴 𝘸𝘦𝘭𝘭 𝘢𝘴 𝘵𝘩𝘦 𝘖𝘚𝘚 𝘛𝘰𝘱 10 𝘙𝘪𝘴𝘬𝘴 𝘭𝘪𝘴𝘵, 𝘢𝘯𝘥 𝘳𝘦𝘴𝘰𝘶𝘳𝘤𝘦𝘴 𝘴𝘶𝘤𝘩 𝘢𝘴 𝘵𝘩𝘦 𝘖𝘞𝘈𝘚𝘗 𝘈𝘐 𝘚𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘊𝘩𝘦𝘤𝘬𝘭𝘪𝘴𝘵 𝘢𝘯𝘥 𝘎𝘶𝘪𝘥𝘢𝘯𝘤𝘦. Techstrong Learning #ai #conference