Mapping SBOMs for Fun and Profit

## Abstract:

Everyone’s talking about SBOMs for vulnerabilities, but few are using them for what they really are: inventories. This session is a guided, hands-on exploration of SBOMs using SBOMPlay — showing how to aggregate, compare, and visualize dependency patterns across repositories and orgs, identify license issues, and unlock strategic insights.

## Learning Outcomes:

- Read and interpret SBOMs beyond just CVEs
- Visualize dependencies across multiple repositories
- Identify licensing conflicts and stale components
- Leverage SBOMPlay in your own dev or security workflow

## Audience Level

Beginner - The student has an interest in the topic presented and general technology knowledge that a power user or undergraduate student may have acquired.

## Prerequisite:

1. Personal laptop with unrestricted internet access
2. Google Account with access to Google Cloud Console & Cloud Shell (ref: docs.cloud.google.com/shell/docs/launching-cloud-shell)
3. Personal GitHub account
4. Discord account for support

Due to the short duration of the workshop, we will not be able to provide troubleshooting support to students. If your system doesn't work, the recommended approach is to watch how others are doing and try it yourself after the workshop.
  • Workshop
  • Beginner
Speaker

Cyfinoid Research

Anant Shrivastava
