Nigel Douglas

Nigel Douglas is the Head of Developer Relations at Cloudsmith. He champions Cloudsmith’s developer ecosystem by creating compelling educational content, engaging with developer communities, and promoting Cloudsmith as the go-to solution for artifact management and supply chain security. Working closely with product, engineering, and marketing teams, Nigel helps build and shape the DevOps community through events, tutorials, and innovative programs.

Before joining Cloudsmith, Nigel held similar roles in cloud-native OSS projects, including the CNCF graduated project Falco at Sysdig and Project Calico at Tigera. He earned a Master of Science in Cybersecurity, Privacy, and Trust from South East Technological University in Ireland.


Session

11-08
14:35
30min
Building Trust in Every Artifact with SBOMs
Nigel Douglas

Software Bills of Materials (SBOMs) are no longer a nice-to-have; they're quickly becoming table stakes for secure software delivery. But generating SBOMs is just the start. How do you manage them at scale across thousands of artifacts, teams, and environments? How do you ensure they’re accurate, tamper-proof, and usable in real-world pipelines?

We will walk users through integrating SBOM generation, storage, and validation into a modern CI/CD workflow using cloud-native tooling.

  • Best practices for generating SBOMs for containers
  • Securely storing and indexing SBOMs alongside your artifacts
  • Validating artifacts against SBOM data before deployment
  • Using SBOMs in incident response, compliance, and auditing

The session will give attendees a clear roadmap for making SBOMs a first-class citizen in their pipelines, along with a real-world example of how Cloudsmith integrates CNCF projects like Trivy with OSS projects like CycloneDX, Syft and Grype for automated SBOM generation.

Crystal Dining Room