SecAppDev 2026 lecture details
SBOMs and their Role in Security
A practical deep dive into SBOMs: what they are, how they’re built and used, and why they matter for modern software security, from vulnerability response and prioritization to supply‑chain risk and provenance touchpoints.
Tuesday June 2nd, 09:00 - 10:30
Room West Wing
Abstract
A practical deep dive into Software Bills of Materials (SBOMs): what they are, what they are not, and how they fit into modern software security. We will cover common data models and formats, how SBOMs are produced and consumed, and how they enable better visibility and faster decision-making across the software lifecycle. Interactive participation is particularly encouraged.
Key takeaway
Participants will learn about SBOMs, how to think about them in an end-to-end manner, and how to apply them to real security workflows.
Content level
Deep-dive
Target audience
Practitioners (developers, security engineers, architects, PMs) and interested students.
Prerequisites
Basic familiarity with software dependencies and vulnerability concepts (e.g., CVEs); no prior SBOM tooling experience required.
Join us for SecAppDev. You will not regret it!
Alexios Zavras
Chief Open Source Compliance Officer, Intel Corp.
Expertise: Open Source licensing, SBOMs, legal compliance
Related lectures
Security by default - A European perspective on cyber resilience
Deep-dive lecture by Freddy Dezeure in room Lemaire
Monday June 1st, 09:15 - 10:30
A technical deep dive into how Microsoft implements security, resilience, and regulatory compliance at scale—mapping NIS2, DORA, and Secure‑by‑Default principles to concrete controls, engineering processes, and tenant‑level protections
Key takeaway: Learn how regulatory requirements become enforceable controls, measurable metrics, and practical Secure‑by‑Default engineering across cloud systems
EU CRA: Survival Workshop for Enterprise & Open Source
Deep-dive lecture by Roman Zhukov in room West Wing
Wednesday June 3rd, 11:00 - 12:30
A practical deep-dive into the EU CRA for Enterprise and Open Source. Features interactive "In Scope?", "Who Am I?" and "Live Gap-Analysis" exercises to help you navigate your compliance confidently.
Key takeaway: Transform CRA rules from a legal burden into an engineering advantage using open standards, clear role mapping, and practical guidelines.
Placeholder Inti De Ceukelaire
TBD lecture by Inti De Ceukelaire in room Lemaire
Wednesday June 3rd, 16:00 - 17:15
TBD
Key takeaway: TBD