Untangling Software Composition Analysis for MedTech Teams | Ep. 53 скачать в хорошем качестве

Untangling Software Composition Analysis for MedTech Teams | Ep. 53

Why does software composition analysis matter beyond regulatory compliance? This episode explores SCA (Software Composition Analysis) and explains how SBOMs (Software Bill of Materials), SOUP (Software of Unknown Provenance), and related tooling fit into the broader medical device cybersecurity landscape. Christian and Trevor clarify common misconceptions, including licensing fears, machine-readable requirements, and the role of static testing tools. Key points: (00:30) How software composition analysis helps identify what actually makes up medical device software. (01:54) Why acronyms like SCA, SBOM, and SOUP often cause confusion in medtech. (02:33) How large development teams and hidden dependencies create blind spots in software inventories. (04:46) Why understanding software ingredients matters from a risk and transparency perspective. (06:10) How SBOMs function as the output of software composition analysis. (11:31) What software of unknown provenance means and why it is becoming more common. (15:41) Why the FDA requires SBOMs to be submitted in machine-readable formats. (24:38) Why SAST (Static Application Security Testing) is not part of software composition analysis despite common assumptions. The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity professionals specializing in providing elite cyber solutions for medical devices. Learn more about securing your product and business from cyber-criminals by visiting https://bluegoatcyber.com If you’re interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goa... Christian Espinosa is the CEO and founder of Blue Goat Cyber. Trevor Slattery is the Chief Technology Officer / Director of MedTech Cybersecurity at Blue Goat Cyber. Christian Espinosa on LinkedIn:   / christianespinosa   Blue Goat Cyber on LinkedIn:   / blue-goat-cyber   Blue Goat Cyber on Instagram:   / bluegoatcyber   Blue Goat Cyber on Facebook:   / bluegoatcyber   Blue Goat Cyber on YouTube:    / @bluegoatcyber   Trevor Slattery on LinkedIn:   / trevor-slattery-34852b1a9   Feedback? Questions? Contact: https://bluegoatcyber.com/contact/ Learn more about Christian Espinosa, buy his books, or invite him to speak on your stage: https://christianespinosa.com/ Christian Espinosa on YouTube:    / @christianespinosaofficial   The Med Device Cyber Podcast is your essential resource for medical device cybersecurity. Each episode we dive into the latest threats, solutions, and best practices to protect modern healthcare technology. Whether you're a provider, a manufacturer, or a cybersecurity professional, gain the knowledge to safeguard patient safety by subscribing to the Med Device Cyber Podcast. Subscribe via Spotify: https://open.spotify.com/show/5ol62RO... Subscribe via Apple Podcasts: https://apple.co/483OJ9I Subscribe via YouTube:    / @bluegoatcyber