2025-11-08, Room 334
Open source software can be like a plate of mystery brownies in the breakroom: Where did they come from? Are they safe? Do they have gluten? SBOMs are your ingredient list for software, greatly reducing the risk posed by unknown components, untracked open source licenses, and expired dependencies. This talk demystifies Software Bills of Materials (SBOMs) and security errata, showing how they empower individuals and teams to identify vulnerabilities, track end-of-life risks, and maintain compliance before incidents occur. Learn how SBOMs, advisories, and documentation work together to bring transparency to the Linux supply chain, keeping environments safe, resilient, and free from nasty surprises, just like you'd want for any food you consume.
Software security, like food safety, shouldn't be a mystery. This talk simplifies jargon and acronyms to show how SBOMs and security documentation make protection accessible for everyone, not just big-budget enterprise teams. We'll explore practical ways to understand what's really inside your Linux systems using freely available tools and community resources. Whether you are a hobbyist running home servers, a FOSS contributor, or a professional sysadmin, this talk aims to peel back the curtain on how the errata sausage is made and why, in the age of AI, it's more important than ever to read the back of the box.
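The cross-referencing the abstract describes (SBOM components checked against security errata and end-of-life dates) as an added Python example; it is not part of the talk or of any CIQ or Rocky Linux tooling. The CycloneDX-style SBOM fragment, the advisory IDs, fix versions and EOL date are all constructed, and the version comparison is a simplified stand-in for rpm's vercmp.

```python
import json
import re
from datetime import date

# Constructed CycloneDX-style SBOM fragment (not a real inventory).
SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"name": "openssl", "version": "3.0.7-24", "purl": "pkg:rpm/rocky/openssl@3.0.7-24"},
    {"name": "kernel",  "version": "5.14.0-362", "purl": "pkg:rpm/rocky/kernel@5.14.0-362"},
    {"name": "python3", "version": "3.9.18-1", "purl": "pkg:rpm/rocky/python3@3.9.18-1"}
  ]
}"""

# Constructed errata records with placeholder IDs (not real advisories).
ERRATA = [
    {"id": "EXAMPLE-SA-0001", "package": "openssl", "fixed_in": "3.0.7-25", "severity": "Important"},
    {"id": "EXAMPLE-SA-0002", "package": "kernel", "fixed_in": "5.14.0-300", "severity": "Moderate"},
]

# Constructed end-of-life dates (hypothetical) and the audit date used below.
EOL = {"python3": date(2025, 10, 31)}
TODAY = date(2025, 11, 8)


def version_key(version):
    """Split an RPM-style version-release string into comparable chunks.
    Simplified stand-in for rpmvercmp: digits compare numerically, other
    tokens as strings; the (0|1, value) tuples keep mixed types comparable."""
    return [(0, int(t)) if t.isdigit() else (1, t) for t in re.split(r"[.\-]", version)]


def is_affected(installed, fixed_in):
    """True when the installed version predates the version that carries the fix."""
    return version_key(installed) < version_key(fixed_in)


def audit(sbom_json, errata, eol, today):
    """Cross-reference each SBOM component with errata and EOL dates; return findings."""
    findings = []
    for comp in json.loads(sbom_json)["components"]:
        name, ver = comp["name"], comp["version"]
        for adv in errata:
            if adv["package"] == name and is_affected(ver, adv["fixed_in"]):
                findings.append((name, "vulnerable", f'{adv["id"]} ({adv["severity"]}), fixed in {adv["fixed_in"]}'))
        if name in eol and eol[name] <= today:
            findings.append((name, "end-of-life", f"EOL since {eol[name].isoformat()}"))
    return findings


if __name__ == "__main__":
    for name, kind, detail in audit(SBOM_JSON, ERRATA, EOL, TODAY):
        print(f"{name:10} {kind:12} {detail}")
```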
Brady Dibble is Director of Product Management at CIQ, where he leads initiatives related to Rocky Linux.