Simply knowing what is in your software is not any guarantee of safety. We need to know what that software does versus what we expect it to do. We need to know its rules of behavior.

Today, we talk with Andrew Hendela, a founder of Karambit.ai, a company dedicated to automatically detecting malware and securing your software supply chain. Andrew worked for over a decade automating hard cybersecurity problems. He has many years of experience in cybersecurity leadership and deep technical expertise in fields such as malware analysis and automated cyber attribution. He tells us about software bills of behavior and why SBOMs are insufficient to protect your software supply chain from attacks.

When you finish listening to the episode, connect with Andrew on LinkedIn and visit Karambit.ai website.

Mentioned in this episode:

Andrew on LinkedIn at https://www.linkedin.com/in/andrew-hendela/

Karambit.ai at https://karambit.ai