You need the SBOM

​Many teams can't say exactly what's inside their builds. This session is about fixing that.

​Mykhailo Sindieiev (DevSecOps Architect at Roche) walks through why the Software Bill of Materials has moved from compliance checkbox to operational necessity: what an SBOM actually buys you when the next supply-chain vulnerability lands, how to generate and consume one in a real CI/CD pipeline, and where the tooling still falls short. Mykhailo brings a decade of security engineering across CI/CD security, SAST/DAST/SCA, cloud infrastructure, and systems hardening.

​OWASP Barcelona is co-hosting with Sorint.SEC at Norrsken House Barcelona, steps from the Barceloneta seafront. Seats are limited to 30 and it's first come, first served. If your plans change, please release your spot so someone else can take it. We'll continue the conversation over drinks at a nearby Barceloneta bar afterward.

​Logistics:

• ​📅 Tuesday, 30 June 2026 · 18:30–20:30

• ​📍 Norrsken House Barcelona · Passeig del Mare Nostrum 15 (Barceloneta)

• ​🗣️ English

• ​🎟️ Capacity 30 · RSVP required (building security needs the attendee list)

• ​🗓️ Agenda: 18:30 welcome & Sorint.SEC intro (5 min) → "You need the SBOM" (45 min) → technical close (10 min) → networking

• ​🍻 Informal drinks at a nearby Barceloneta bar afterward

​Speaker:

​Mykhailo Sindieiev is a DevSecOps Architect at Roche with over a decade in security engineering, spanning CI/CD security pipelines, SAST/DAST/SCA, AWS cloud infrastructure, Kubernetes, and systems hardening at companies including Cobee and EPAM Systems. He holds a Master's degree in Cybersecurity from Kharkiv National University of Radioelectronics.