Software Supply Chain Security Masterclass
Published 5/2025
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.33 GB | Duration: 2h 21m
Master SBOMs, secure development, compliance, and third-party risk in a globally connected software ecosystem
What you'll learn
Understand the role of SBOMs in software supply chain visibility and security
Map SBOM practices to global regulations including EO 14028, EU CRA, and FDA mandates
Generate, validate, and operationalize SBOMs using tools and CI/CD pipelines
Evaluate open-source risks and license compliance using SBOM data
Build policies, workflows, and dashboards for continuous monitoring and audit readiness
Lead enterprise-wide SBOM programs and engage vendors for downstream compliance
Simulate audit scenarios and present defensible documentation to regulators and customers
Requirements
Basic Understanding of Software Development
Awareness of CI/CD pipelines and tools like Jenkins, GitHub Actions, GitLab CI, etc.
Basic knowledge of software vulnerabilities and security best practices
(Optional but Helpful) Exposure to Compliance or Regulatory Environments
Description
Welcome to Mastering Software Supply Chain Security. We’re thrilled to have you join us on this journey to strengthen your software supply chain through the power of SBOMs (Software Bill of Materials).

In this course, you’ll gain the knowledge and hands-on skills to:
Understand the critical role of SBOMs in modern cybersecurity
Align your practices with global regulations like EO 14028, EU CRA, and FDA mandates
Generate, validate, and operationalize SBOMs using real-world tools and CI/CD pipelines
Evaluate open-source risks and ensure license compliance
Build audit-ready workflows and lead enterprise-wide SBOM programs

Whether you're a security professional, DevOps engineer, or compliance leader, this course is designed to empower you with actionable insights and practical tools to make a real impact. Gain the skills to implement and lead Software Bill of Materials (SBOM) initiatives that align with global regulations and secure your software supply chain.

Understand SBOM Fundamentals
Explore the critical role of SBOMs in enhancing software supply chain visibility and security.

Navigate Global Regulations
Map SBOM practices to key mandates including:
U.S. Executive Order 14028
EU Cyber Resilience Act (CRA)
FDA Software Regulations

Hands-On SBOM Implementation
Learn to generate, validate, and integrate SBOMs using modern tools and CI/CD pipelines.

Risk & Compliance Management
Evaluate open-source risks and ensure license compliance using SBOM data.

Build for Audit Readiness
Create policies, workflows, and dashboards for continuous monitoring and audit preparedness.

Lead Enterprise SBOM Programs
Drive organization-wide adoption and collaborate with vendors for downstream compliance.

Simulate Real-World Audits
Practice audit scenarios and prepare defensible documentation for regulators and customers.

By the end of this course, learners will be able to:
Understand the role of SBOMs in software supply chain visibility and security
Map SBOM practices to global regulations including EO 14028, EU CRA, and FDA mandates
Generate, validate, and operationalize SBOMs using tools and CI/CD pipelines
Evaluate open-source risks and license compliance using SBOM data
Build policies, workflows, and dashboards for continuous monitoring and audit readiness
Lead enterprise-wide SBOM programs and engage vendors for downstream compliance
Simulate audit scenarios and present defensible documentation to regulators and customers

This course equips security professionals, developers, and compliance leaders with the frameworks, tools, and real-world techniques to build resilient, transparent, and auditable software supply chains using SBOMs and aligned security practices.

Secure your software supply chain. Empower your team. Lead with confidence.
Overview
Section 1: Foundations of Software Supply Chain Security
Lecture 1 Why Supply Chain Security Matters: High-Profile Cyber Incidents
Lecture 2 What is an SBOM? A Strategic Introduction
Lecture 3 SBOM and Software Supply Chain Risk: Key Definitions and Scope
Section 2: Global Regulatory and Compliance Drivers
Lecture 4 Executive Order 14028: Enhancing Software Supply Chain Security
Lecture 5 EU Cyber Resilience Act: What It Means for Software Vendors
Lecture 6 U.S. FDA Cybersecurity Requirements for Medical Devices
Lecture 7 NIST Guidance and NTIA’s SBOM Framework
Lecture 8 Comparing Global Regulatory Frameworks: US vs EU vs Sectoral Mandates
Section 3: SBOM Design, Tools, and Formats
Lecture 9 Core Elements of an SBOM: Data Fields and Relationships
Lecture 10 SBOM Formats Explained: SPDX, CycloneDX, and SWID
Lecture 11 How to Generate an SBOM: Tools and Automation Pipelines
Lecture 12 Open Source Components and License Compliance with SBOM
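As an added example that is not part of the course material, the following Python checker shows in code what Lectures 9 and 10 cover in slides: it reads a CycloneDX JSON SBOM and reports which of the NTIA minimum elements (supplier name, component name, version, unique identifier, dependency relationship, SBOM author, timestamp) are missing. The sample SBOM, its component and supplier names, and the `check_ntia_minimum` helper are all constructed for this example; they are not a tool or dataset from the course.

```python
"""Check a CycloneDX JSON SBOM against the NTIA minimum elements.

Added example (not course material). The NTIA baseline (July 2021) names
seven data fields: supplier name, component name, component version, other
unique identifiers, dependency relationship, author of SBOM data, and
timestamp. The SBOM below is constructed for this example; its component
and supplier names are illustrative, not real attestations.
"""
import json

# Constructed sample: an application that depends on two libraries. The
# second library deliberately lacks a supplier and a purl so the checker has
# something to report.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
    "version": 1,
    "metadata": {
        "timestamp": "2025-05-01T12:00:00Z",
        "authors": [{"name": "Example CI Pipeline"}],
        "component": {"type": "application", "name": "example-app",
                      "version": "2.3.1", "bom-ref": "app"},
    },
    "components": [
        {"type": "library", "name": "libfoo", "version": "1.4.2",
         "bom-ref": "pkg:generic/libfoo@1.4.2",
         "purl": "pkg:generic/libfoo@1.4.2",
         "supplier": {"name": "Example Supplier Inc."}},
        {"type": "library", "name": "libbar", "version": "0.9.0",
         "bom-ref": "libbar"},
    ],
    "dependencies": [
        {"ref": "app", "dependsOn": ["pkg:generic/libfoo@1.4.2", "libbar"]},
        {"ref": "pkg:generic/libfoo@1.4.2", "dependsOn": []},
    ],
}


def check_ntia_minimum(sbom):
    """Return {"ok": bool, "findings": [...]} for a CycloneDX SBOM.

    `sbom` may be a JSON string or an already-parsed dict.
    """
    bom = json.loads(sbom) if isinstance(sbom, str) else sbom
    findings = []
    if bom.get("bomFormat") != "CycloneDX":
        return {"ok": False, "findings": ["not a CycloneDX document"]}

    # Author of SBOM data and timestamp: CycloneDX carries both in metadata
    # (authors for people/teams, tools for the generator that produced it).
    meta = bom.get("metadata", {})
    if not (meta.get("authors") or meta.get("tools")):
        findings.append("metadata: no SBOM author (authors/tools missing)")
    if not meta.get("timestamp"):
        findings.append("metadata: no timestamp")

    # Per-component fields. bom-ref is what the dependency graph points at.
    known_refs = set()
    if meta.get("component", {}).get("bom-ref"):
        known_refs.add(meta["component"]["bom-ref"])
    for comp in bom.get("components", []):
        label = "component " + comp.get("name", "<unnamed>")
        if not comp.get("name"):
            findings.append(label + ": missing name")
        if not comp.get("version"):
            findings.append(label + ": missing version")
        if not comp.get("supplier", {}).get("name"):
            findings.append(label + ": missing supplier")
        if not (comp.get("purl") or comp.get("cpe") or comp.get("swid")):
            findings.append(label + ": no unique identifier (purl/cpe/swid)")
        if comp.get("bom-ref"):
            known_refs.add(comp["bom-ref"])
        else:
            findings.append(label + ": no bom-ref, cannot appear in dependency graph")

    # Dependency relationship: every declared component must be reachable in
    # the graph, and every ref in the graph must resolve to a declared one.
    graph_refs = set()
    for dep in bom.get("dependencies", []):
        graph_refs.add(dep.get("ref"))
        graph_refs.update(dep.get("dependsOn", []))
    for ref in sorted(graph_refs - known_refs, key=str):
        findings.append(f"dependencies: dangling ref {ref!r}")
    for ref in sorted(known_refs - graph_refs):
        findings.append(f"dependencies: {ref!r} not in dependency graph")

    return {"ok": not findings, "findings": findings}


if __name__ == "__main__":
    result = check_ntia_minimum(SAMPLE_SBOM)
    print("PASS" if result["ok"] else "FAIL")
    for finding in result["findings"]:
        print(" -", finding)
```

Run against the constructed sample, the checker fails the SBOM on two points, both about `libbar` (no supplier, no purl/cpe/swid), and accepts the same document once those fields are filled in. The dependency checks matter in practice: an SBOM whose components list is complete but whose `dependencies` graph omits or dangles refs cannot answer "is this vulnerable library actually reachable from our product", which is the question vulnerability triage and incident response ask of it.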
Section 4: SBOM Use Cases Across the Software Lifecycle
Lecture 13 SBOM in Secure Software Development Lifecycle (SSDLC)
Lecture 14 SBOM for Procurement and Third-Party Risk Management
Lecture 15 Using SBOMs for Vulnerability Management and Patch Prioritization
Lecture 16 Incident Response and Forensics Powered by SBOM Visibility
Who this course is for
DevSecOps Engineers, Security Architects, Compliance Officers, Software Engineering Leaders, Product Managers in Regulated Industries