BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//conference.c3w.at//bsidesvienna-0x7ea//DZ8K3C
BEGIN:VTIMEZONE
TZID:Europe/Vienna
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesvienna-0x7ea-AJN9TG@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20260627T100500
DTEND;TZID=Europe/Vienna:20260627T103500
DESCRIPTION:This talk is about SBOM — the thing that has become the most 
 important compliance artifact in software development. I'll cover:\n\n* **
 Why?** A brief\, painful tour through the legal plot twists that turned th
 e SBOM from a nice-to-have into a "you literally cannot sell this product 
 without one" because too many discovered they had no idea what they were a
 ctually running.\n* **What?** what actually goes in one\, what people *thi
 nk* goes in one\, why legal and IT security want one\, and what happens if
  you vibe-coded the whole thing.\n* **Who?** What this all means for softw
 are developers\, open source maintainers who never signed up to be vendors
 \, and where the liability actually lies.\n\nExpect war stories\, regulato
 ry translation services\, a healthy amount of "I am not your lawyer\, but
 …"\, less “it depends” and a takeaway list of things you can actuall
 y do on Monday morning — whether you're shipping software\, consuming it
 \, or maintaining the one library that all of your products depend on.
DTSTAMP:20260628T001652Z
LOCATION:Dachsaal (Track 2 )
SUMMARY:It's Not You\, It's Your Dependencies: A Nerdy Lawyer's Guide to th
 e Software Supply Chain - Katharina Bisset
URL:https://cfp.bsidesvienna.at/bsidesvienna-0x7ea/talk/AJN9TG/
END:VEVENT
END:VCALENDAR