Roq: Leveraging Quarkus to Build Static Sites at the Speed of Go
May 4, 2026 - 00:21:23
Radio and PodcastLive Radio & Podcasts
Technology
How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise
Viktor Peterson, part of the CISA task force working on SBOM blueprints and co-founder of sbomify, explores the shifting landscape of software supply chain security as the EU's Cyber Resilience Act (CRA) comes into force...
About This Episode
How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise is an episode from The InfoQ Podcast by InfoQ. Viktor Peterson, part of the CISA task force working on SBOM blueprints and co-founder of sbomify, explores the shifti...
Podcast
This episode belongs to The InfoQ Podcast.
Listen Online
Use the player on this page to stream the episode online.
Episode Details
Published Apr 13, 2026, 00:37:43 long, audio available.
Related Episodes
Continue listening to more episodes from The InfoQ Podcast.
Engineering Stable, Secure and Scalable Platforms: A Conversation with Matthew Liste
Apr 20, 2026 - 00:56:37
Context Engineering with Adi Polak
Apr 6, 2026 - 00:31:01
Failure As a Means to Build Resilient Software Systems: A Conversation with Lorin Hochstein
Mar 31, 2026 - 00:51:41
Agentic Systems Without Chaos: Early Operating Models for Autonomous Agents
Mar 25, 2026 - 00:54:31
Andres Almiray on How to Release Any Software to Any OS with JReleaser
Mar 16, 2026 - 00:31:33
Mindful Leadership in the Age of AI
Mar 9, 2026 - 00:38:25
Questions About This Episode
What is How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise about?
Viktor Peterson, part of the CISA task force working on SBOM blueprints and co-founder of sbomify, explores the shifting landscape of software supply chain security as the EU's Cyber Resilience Act (CRA) comes into force, a "GDPR moment" for the industry. Beyond mere compliance, Peterson argues that SBOMs provide significant operational value as tools for automated security audits and license management, provided they are generated using ecosystem-specific tools rather than generic scanners. He also points to providing critical security insights into the risks of weaponised code, citing recent incidents where security tools themselves became attack vectors, and emphasises the need for vendor-neutral discovery mechanisms like the Transparency Exchange API (TEA) to secure the software lifecycle. Read a transcript of this interview:
Where can I listen to How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise?
You can listen to How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise online on Radio and Podcast. Open the player on this page to stream the available audio.
Which podcast is How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise from?
How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise is an episode from The InfoQ Podcast by InfoQ.
How long is this episode?
This episode is 00:37:43 long.
When was this episode published?
This episode was published on Apr 13, 2026.
Can I save How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise for later?
Yes. Use the heart button on the episode page to add it to your favorite episodes list.
Are there related episodes from The InfoQ Podcast?
Yes. This page shows related episodes from The InfoQ Podcast when more episodes are available from the podcast feed.
Quick Answers About This Episode
Where can I listen to How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise?
You can listen to How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise on this page when the episode audio is available from the podcast feed.
Which podcast is this episode from?
How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise is from The InfoQ Podcast by InfoQ.
What are the episode details?
Published Apr 13, 2026 and 00:37:43 long