Skip to main content

A Standardized Approach to SBOM

In this segment, Mike and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG Keys & signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to security of your assets. This segment is sponsored by Cloudsmith. Visit to learn more about them! Visit for all the latest episodes! Show Notes: