RSA Conference 2023 ran April 24-27 in San Francisco, hosting roughly 40,000 attendees and a supply chain security track with more than 20 sessions. This year's tone was noticeably different from 2022. The panels had moved past "what is an SBOM" and into "why does producing one not actually help most operators yet." Sessions featured operators from Lockheed Martin, Capital One, and the USAF, vendors like Chainguard, Anchore, and Snyk, and government speakers from CISA and NIST. I took detailed notes across the track and compressed them here into five themes that seem to matter for planning 2024 program work. If you missed the week in person, the track told a consistent story, and the story was that the easy wins have been claimed.
Is SBOM adoption actually improving?
SBOM adoption is improving in name but not in operator value, as Allan Friedman (CISA) acknowledged in his keynote panel on April 25. Roughly 70% of the Fortune 500 produced some form of SBOM in 2023 according to Linux Foundation survey data, but fewer than 30% of operators said they routinely ingested supplier SBOMs into a tool that would alert on a new CVE. The gap is the ingestion pipeline: format mismatch (SPDX vs CycloneDX), missing PURLs, and the absence of a standard delivery channel. Attendees at the practitioner birds-of-a-feather repeatedly said they receive SBOMs as PDF attachments to procurement emails. Until SBOM exchange has the equivalent of RSS or a VEX feed, "we produce an SBOM" is a compliance artifact rather than a defender control.
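As an added illustration of the ingestion gap described above (not code from the conference or from any vendor), the script below takes one CycloneDX and one SPDX document, reduces both to PURL keys, reports the components that cannot be matched, and looks the rest up in a vulnerability feed. The two SBOM fragments and the feed are constructed, and the CVE identifiers are placeholders.

```python
"""Added example: normalize CycloneDX and SPDX SBOMs to one PURL index and match a CVE feed."""
import json
# Constructed CycloneDX 1.4 fragment: one component carries a PURL, one does not.
CYCLONEDX = json.dumps({"bomFormat": "CycloneDX", "components": [
    {"name": "log4j-core", "version": "2.14.1",
     "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
    {"name": "internal-lib", "version": "1.0"}]})

# Constructed SPDX 2.3 fragment: PURLs sit in externalRefs, so they need extracting.
SPDX = json.dumps({"spdxVersion": "SPDX-2.3", "packages": [
    {"name": "openssl", "versionInfo": "3.0.2", "externalRefs": [
        {"referenceType": "purl", "referenceLocator": "pkg:deb/ubuntu/openssl@3.0.2"}]},
    {"name": "vendor-blob", "versionInfo": "9.9"}]})

# Constructed feed: vulnerability id -> PURLs it affects (exact versions here; real feeds use ranges).
CVE_FEED = {"CVE-EXAMPLE-0001": {"pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
            "CVE-EXAMPLE-0002": {"pkg:deb/ubuntu/openssl@3.0.1"}}


def normalize(doc: str):
    """Return ({purl: name}, [names lacking a PURL]) for a CycloneDX or SPDX JSON SBOM."""
    data = json.loads(doc)
    index, missing = {}, []
    if data.get("bomFormat") == "CycloneDX":
        for c in data.get("components", []):
            if c.get("purl"):
                index[c["purl"]] = c["name"]
            else:
                missing.append(c["name"])
    elif "spdxVersion" in data:
        for p in data.get("packages", []):
            refs = [r["referenceLocator"] for r in p.get("externalRefs", [])
                    if r.get("referenceType") == "purl"]
            if refs:
                index[refs[0]] = p["name"]
            else:
                missing.append(p["name"])
    else:
        raise ValueError("unrecognised SBOM format: neither CycloneDX nor SPDX")
    return index, missing


def ingest(feed: dict, *docs: str):
    """Merge supplier SBOMs; return ({cve: [matched purls]}, [component names that cannot be matched])."""
    index, missing = {}, []
    for d in docs:
        i, m = normalize(d)
        index.update(i)
        missing.extend(m)
    hits = {cve: sorted(p for p in purls if p in index) for cve, purls in feed.items()}
    return {cve: ps for cve, ps in hits.items() if ps}, missing
```

The components returned in the second list are exactly the ones no CVE feed can ever alert on, which is the "missing PURLs" problem in operational form.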
How did SLSA discussions evolve?
SLSA discussions evolved from "what are the levels" to "who actually runs Level 3." The SLSA v1.0 announcement in April 2023 simplified the framework from four levels into three tracks, and the Sigstore integration with GitHub Actions made Level 3 approachable for OSS projects. Two talks (one by Joshua Lock at VMware, one from Google on the SLSA GitHub generator) dug into the gap between Level 2 and Level 3: hermetic, parameterless builds. Large enterprises running self-hosted Jenkins fleets said hermetic builds are several quarters of plumbing away. OSS maintainers using GitHub Actions can reach Level 3 in an afternoon. This asymmetry was a repeated theme and the track consensus was that Level 2 is the right short-term floor for most enterprises.
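An added example of the deployment gate this implies (not code from the talks or from any project): it checks an in-toto Statement carrying SLSA v1 provenance against an artifact and a builder allowlist. It assumes the attestation's DSSE signature has already been verified by cosign or equivalent, and that the builder identifiers and the level assigned to each are the deployer's own policy, since SLSA provenance itself does not state a level; the artifact, statement and builder ids are constructed.

```python
"""Added example: gate an artifact on its SLSA v1 provenance (in-toto Statement) before deploy."""
import hashlib
import json

# Constructed artifact bytes and the sha256 a build platform would record for them.
ARTIFACT = b"example release tarball bytes"
DIGEST = hashlib.sha256(ARTIFACT).hexdigest()

# Constructed in-toto Statement carrying a SLSA v1.0 provenance predicate (signature already checked).
PROVENANCE = json.dumps({
    "_type": "https://in-toto.io/Statement/v1",
    "subject": [{"name": "app-1.0.tar.gz", "digest": {"sha256": DIGEST}}],
    "predicateType": "https://slsa.dev/provenance/v1",
    "predicate": {
        "buildDefinition": {"buildType": "https://example.invalid/ci/v1",
                            "externalParameters": {"ref": "refs/tags/v1.0"}},
        "runDetails": {"builder": {"id": "https://example.invalid/ci/hosted-runner"}}}})

# Policy (assumption): which builder ids are trusted and the SLSA Build level each one earns.
# The level is a property of the build platform, not a field in the provenance.
TRUSTED_BUILDERS = {"https://example.invalid/ci/hosted-runner": 2,
                    "https://example.invalid/ci/isolated-runner": 3}


def verify(artifact: bytes, statement: str, floor: int, builders=TRUSTED_BUILDERS):
    """Return (ok, reason): ok only if the artifact is a subject, the predicate is SLSA v1
    provenance, the builder is trusted, and that builder's level meets the required floor."""
    st = json.loads(statement)
    if st.get("predicateType") != "https://slsa.dev/provenance/v1":
        return False, "not a SLSA v1 provenance predicate"
    actual = hashlib.sha256(artifact).hexdigest()
    if not any(s.get("digest", {}).get("sha256") == actual for s in st.get("subject", [])):
        return False, "artifact digest is not among the attestation subjects"
    builder = st["predicate"].get("runDetails", {}).get("builder", {}).get("id")
    level = builders.get(builder)
    if level is None:
        return False, f"untrusted builder {builder!r}"
    if level < floor:
        return False, f"builder is SLSA Build L{level}, floor is L{floor}"
    return True, f"SLSA Build L{level} provenance accepted"
```

Running the same attestation with a floor of 2 passes and with a floor of 3 fails, which is the Level 2 floor / Level 3 for privileged services split the track settled on.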
What did federal procurement speakers emphasize?
Federal procurement speakers emphasized that M-22-18 attestations, due initially in June 2023 (later extended to June 2024 for critical software and September 2024 for general software), would shift vendor behavior more than any NIST publication. CISA representatives described the attestation form as "a forcing function," and vendors echoed that procurement offices were already refusing to renew contracts without SSDF evidence. One panel included an unnamed contracting officer who described a specific enterprise that had cut 11 line items from a renewal because the supplier could not produce build provenance on demand. The signal for private-sector buyers was that the federal standards were filtering into commercial RFPs.
What were the standout tools and demos?
The standout tools in the track were in-toto attestation chaining, the Sigstore cosign 2.0 release, Chainguard Images, and Rekor transparency log visualization. In-toto got airtime because it handles the problem of linking multiple build and test steps into a single verifiable chain, which SLSA provenance alone does not address. Chainguard Images were cited repeatedly as the minimal-CVE default for containers: presenters showed base-image CVE counts dropping from 200+ (Ubuntu 22.04) to fewer than 10 (Chainguard's equivalent) without losing functionality. A Rekor UI demo showed attestation lookup for a specific artifact in under a second. The tooling is mature enough to build programs on; the integration and education gap is the current bottleneck.
What did operators say was still missing?
Operators repeatedly said what is still missing is the VEX-ingestion-to-ticket pipeline and reachability analysis at scale. A VEX (Vulnerability Exploitability eXchange) document lets a supplier declare a vulnerability as Not Affected, Affected, Fixed, or Under Investigation for a given product, but operators pointed out that most SCA tools still did not read VEX in 2023. Reachability analysis, which determines whether vulnerable code is actually invoked in a deployed configuration, was the most-requested missing capability across three practitioner panels. The reachability gap explains why vulnerability-report exhaustion is the number-one operator complaint; fixing half the CVEs (the reachable ones) is much more valuable than triaging all of them.
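An added example (not from any panel or vendor) of the VEX-to-ticket step the operators asked for: it reads an OpenVEX-style document using the four statuses named above, keeps only the newest statement per vulnerability and product, and buckets scanner findings into tickets, holds and suppressions. The findings and the document are constructed with placeholder CVE ids, and a not_affected claim without a justification is deliberately not suppressed.

```python
"""Added example: apply a supplier VEX document to scanner findings so only actionable CVEs get tickets."""
import json

APP = "pkg:maven/example/app@1.0"   # constructed product identifier
# Constructed scanner findings after SBOM matching: (vulnerability, PURL) pairs.
FINDINGS = [(f"CVE-EXAMPLE-000{i}", APP) for i in range(1, 7)]

def stmt(vuln: str, status: str, ts: str, **extra) -> dict:
    """Build one OpenVEX-style statement for APP (helper for the constructed document)."""
    return {"vulnerability": {"name": vuln}, "products": [{"@id": APP}],
            "status": status, "timestamp": ts, **extra}

# Constructed OpenVEX-style document; a newer statement for the same pair supersedes an older one.
VEX = json.dumps({"@context": "https://openvex.dev/ns/v0.2.0", "statements": [
    stmt("CVE-EXAMPLE-0001", "not_affected", "2023-05-01T00:00:00Z",
         justification="vulnerable_code_not_in_execute_path"),
    stmt("CVE-EXAMPLE-0002", "not_affected", "2023-05-01T00:00:00Z"),   # no justification given
    stmt("CVE-EXAMPLE-0003", "under_investigation", "2023-05-01T00:00:00Z"),
    stmt("CVE-EXAMPLE-0003", "affected", "2023-05-10T00:00:00Z"),       # supersedes the line above
    stmt("CVE-EXAMPLE-0004", "fixed", "2023-05-01T00:00:00Z"),
    stmt("CVE-EXAMPLE-0005", "under_investigation", "2023-05-01T00:00:00Z")]})  # 0006: no statement

def latest_statements(vex_doc: str) -> dict:
    """Index statements by (vulnerability, product), keeping only the newest per pair."""
    latest = {}
    for s in json.loads(vex_doc)["statements"]:
        for prod in s.get("products", []):
            key = (s["vulnerability"]["name"], prod["@id"])
            if key not in latest or s["timestamp"] > latest[key]["timestamp"]:
                latest[key] = s
    return latest

def triage(findings, vex_doc: str) -> dict:
    """Bucket findings as 'ticket' (act now), 'hold' (await supplier) or 'suppressed' (closed by VEX)."""
    buckets = {"ticket": [], "hold": [], "suppressed": []}
    stmts = latest_statements(vex_doc)
    for vuln, purl in findings:
        s = stmts.get((vuln, purl), {})
        status = s.get("status", "affected")        # no statement at all: treat as affected
        if status == "fixed":
            buckets["suppressed"].append(vuln)
        elif status == "not_affected" and (s.get("justification") or s.get("impact_statement")):
            buckets["suppressed"].append(vuln)      # accept not_affected only when it is justified
        elif status == "under_investigation":
            buckets["hold"].append(vuln)
        else:
            buckets["ticket"].append(vuln)          # affected, unjustified not_affected, or unknown
    return buckets
```

Of six findings, two close on supplier evidence, one waits, and three become tickets; the ticket list is the input a reachability pass would then prune further.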
What should program owners take away for 2024?
Program owners should take away three priorities. First, move SBOM work from production to ingestion; the value is in what you do with incoming supplier SBOMs, not what you ship out. Second, target SLSA Level 2 as the enterprise floor, acknowledging Level 3 is a longer bet. Third, adopt VEX and reachability in 2024 to cut vulnerability triage load by a realistic 40-60% based on the operator numbers shared on panels. The federal procurement clock will keep advancing; vendors that cannot produce provenance, SBOMs, and secure development attestations on demand will lose renewals. Build internal tooling that can service those requests in hours, not weeks.
How Safeguard Helps
Safeguard directly addresses the operator gaps RSA 2023 called out. The ingestion pipeline accepts CycloneDX, SPDX, and VEX documents from any supplier channel, normalizes them into a unified graph, and alerts on matched CVEs. Griffin AI performs reachability analysis across application code, container images, and runtime telemetry to flag the vulnerabilities that actually execute in your environment. The TPRM module produces SSDF-aligned attestation evidence on demand, shortening the procurement response loop from weeks to hours. Policy gates enforce SLSA Level 2 as a deployment baseline and can be set to require SLSA Level 3 for privileged services. The practical outcome is a measurable decline in triage volume and a clean narrative for federal and commercial attestation requests.