Articles about SBOM

Enterprises are increasingly looking to software bills of materials (SBOM) to understand the components inside the tech products they use in order to secure their software supply chain.

But do SBOMs really provide value? And how can they be used more effectively? We talked to Varun Badhwar, CEO and co-founder of Endor Labs, to find out the keys to using SBOMs successfully.

Continue reading →

The US Cybersecurity and Infrastructure Agency's (CISA) Secure Software Development Attestation Form rules come into force on June 11, 2024.

This requires software producers who work with the US government to adhere to and confirm the deployment of key security practices. But new research from Lineaje reveals that 80 percent of companies are not ready.

Continue reading →

Concerns around supply chain security, partly driven by President Biden's Executive Order on Improving the US' Cybersecurity, are leading to increased adoption of software bills of materials (SBOM).

Research from Sonatype surveyed over 200 IT directors in the US and UK at businesses with over $50 million revenue and finds 76 percent of enterprises have adopted SBOMs since the order's introduction.

Continue reading →

As developers increasingly rely on open source components in their projects, knowing which have been used is a key part of being able to identify updates and potential threats. This is where a software bill of materials (SBOM) is essential.

Application security testing and software research services company GrammaTech is launching a no cost SBOM service, alongside a new version of its CodeSentry software composition analysis (SCA) tool.

Continue reading →

The OWASP Foundation (Open Web Application Security Project) and IBM have today announced IBM’s contribution of two open source projects aimed at increasing trust across open hardware and software supply chains.

The two projects are SBOM Utility and License Scanner, which add to CycloneDX, a flagship OWASP project and a leading Bill of Materials (BOM) standard. These promote validation, content analysis and accuracy of software license information included within BOMs.

Continue reading →

In recent years, the software bill of materials (SBOM) has become a key element of software security and software supply chain risk management.

We spoke to Tim Mackey, head of software supply chain risk strategy at Synopsys to find out more about the benefits and challenges of SBOMs.

Continue reading →

Developers are under more pressure than ever to deliver projects quickly, but at the same time applications and the supply chain need to be kept secure.

So, what things can we expect to see for development in 2023? Here are some expert views on the key trends.

Continue reading →

Attacks on the software supply chain have become more common in recent years. Part of the key to tackling them lies in understanding what components are in your software and where they originate.

This is why the software bill of materials (SBOM) has become a vital tool for organizations seeking to secure their software. We spoke to Alex Rybak, senior director, product management at Revenera to learn more about SBOMs and what advantages they offer.

Continue reading →