Blue Goat Cyber℠ · Medical Device Cybersecurity
    Podcast · Episode 53

    Untangling Software Composition Analysis for MedTech Teams

    Christian Espinosa, Founder & CEO at Blue Goat Cyber

    By Christian Espinosa, MBA, CISSP

    Founder & CEO · Blue Goat Cyber

    Last reviewed: May 1, 2026

    Why does software composition analysis matter beyond regulatory compliance?

    This episode explores SCA (Software Composition Analysis) and explains how SBOMs (Software Bill of Materials), SOUP (Software of Unknown Provenance), and related tooling fit into the broader medical device cybersecurity landscape. Christian and Trevor clarify common misconceptions, including licensing fears, machine-readable requirements, and the role of static testing tools.
