SecTools Podcast – Episode #23
Conversation with Steve Springett about Dependency Track, OWASP SCVS and CycloneDX.
Featuring
Steve Springett is the Senior Security Architect at ServiceNow, Chicago. Steve educates teams on the strategy and specifics of developing secure software. He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive programming techniques.
Steve’s passionate about helping organizations identify and reduce risk from the use of third-party and open source components. He is an open source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS) project, CycloneDX software bill-of-material specification, and participates in several related projects and working groups.
- Dependency Track - https://dependencytrack.org/
- OWASP SCVS - https://owasp.org/scvs
- CycloneDX - https://cyclonedx.org/
- Website: https://stevespringett.com