Tom Alrich is an independent consultant specializing in supply chain security of critical infrastructure. He is the founder and leader of the SBOM Forum, a group of SBOM professionals that is trying to remove obstacles currently preventing widespread use of SBOMs. He writes a popular blog on these topics.
Tom's Articles
Navigating industrial cyber threats with SBOMs, VEX, CSAF for enhanced supply chain resilience
Did CISA do their homework?
Who will tame the CPE beast?
How can you make sure your connected devices are secure
I’ve figured out why software users aren’t requesting SBOMs