U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Archived Content

In an effort to keep DHS.gov current, the archive contains outdated information that may not reflect current policy or programs.

S&T at RSA Conference 2024

May 6-9, 2024 | South Hall Booth # 1235 | Moscone Center, San Francisco

From user identity and data privacy technologies to end-system security and software assurance, securing and protecting our nation’s cyber networks is a key priority for the Science and Technology Directorate (S&T). The annual Rivest, Shamir, and Adelman (RSA) Conference welcomes cybersecurity professionals from around the world to discuss ideas and solutions to combat current and future cybersecurity concerns.

You can learn more about RSA and register for the conference.

Check out the tech talks and demonstrations hosted by S&T’s Silicon Valley Innovation Program (SVIP) below. You’ll hear from SVIP Managing Director, Melissa Oh, as well as SVIP startup companies.

Schedule of S&T Talks & Demonstrations – South Hall Booth #1235

Tuesday, May 7, 2024

11:00 AM – 11:30 AM

SBOM in the Wild: Real World Examples w/ SVIP Startup Manifest Cyber

12:00 AM – 12:30 AM

Software Supply Chain Security as Code w/ SVIP Startup Scribe Security

1:00 PM – 1:30 PM

On The Correctness of Metadata-based SBOM Generation: A Differential Analysis Approach by SVIP Startup Deepbits Technology

1:30 PM – 2:00 PM

How DHS Works with Startups w/ SVIP Managing Director Melissa Oh

2:00 PM – 2:30 PM

Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines by SVIP Startup TestifySec

Wednesday, May 8, 2024

10:30 AM – 11:00 AM

SBOM in the Wild: Real World Examples w/ SVIP Startup Manifest Cyber

11:00 AM – 11:30 AM

Technology Demonstration by SVIP Startup Deepbits Technology

11:30 AM – 12:00 PM

Software Supply Chain Security as Code w/ SVIP Startup Scribe Security

1:30 PM – 2:00 PM

Protobom - Speaker: Anil John, SVIP Technical Director and Kammy Mann, IT Specialist, Office of the Technical Director (OTD), Cybersecurity Division, Cybersecurity and Infrastructure Security Agency

2:00 PM – 2:30 PM

Technology Demonstration by SVIP Startup TestifySec

About the Silicon Valley Innovation Program

The Silicon Valley Innovation Program (SVIP) bridges the technology development gap between DHS S&T, startups and small businesses, and DHS operational components. Through SVIP, startups and other small technology businesses can access non-dilutive funding, guidance from subject matter experts, direct access to operational end-users during prototype testing, and a legacy federal partnership to draw in future investors, providing a unique experience and resource in the development of viable technologies.

SVIP Start Ups @ RSA

  • DeepBits Technology

    DeepBits has developed an AI-powered platform for large-scale accurate binary code identification across languages and hardware platforms. They will be leveraging this platform to generate Software Bill of Materials (SBOMs) for the Cybersecurity and Infrastructure Security Agency (CISA) directly from application binaries to firmware images in a way that will provide continuous protection and integration into the software supply chain lifecycle. DeepBits’ solution will also help create new risk assessment capabilities.

  • Manifest Cyber

    Manifest provides end-to-end bill of materials lifecycle management—from SBOM solicitation, enrichment, analysis, visualization, and secure sharing—to industry leading AIBOM generation and management capabilities. Manifest’s technologies enable the building and buying of more secure software. They will be applying this expertise to develop a solution that helps improve transparency of the CISA software supply chain as a key component to ensuring the security of critical infrastructure systems.

  • Scribe Security

    Scribe provides an end-to-end software supply chain security software as a service (SaaS) platform that secures code throughout its entire software supply chain and software development life cycle. Scribe Hub easily integrates with your pipeline to give you deep visibility, integrity protection, risk insights, and continuous compliance with the leading standards such as Secure Software Development Framework (SSFD) by NIST, and Supply Chain Levels for Software Artifacts (SLSA) by Google. Scribe signs and verifies the evidence cryptographically, enriches it with open intelligence sources, and analyzes aspects such as integrity to mitigate tampering risk. They will leverage their online SaaS platform to design a solution that will allow CISA to generate shareable product SBOMs and pipeline attestations automatically to gain insights into risks and continuous code assurance.

  • TestifySec

    TestifySec unifies developers and cybersecurity teams in defending against software supply chain threats by integrating zero trust governance principles into build pipelines. We create transparency and accountability with our open-source and commercial products that observe, manage, and act on metadata at each step of the software or AI model generation process. Everyone deserves secure software.








Last Updated: 05/13/2024
Was this page helpful?
This page was not helpful because the content