I Have An SBOM, Now What ?!?
Security Boulevard, Tuesday, August 6th, 2024
A Software Bill of Material (SBOM) lists the software components that are used in a piece of software. It typically also provides an overview of known vulnerabilities (N-day vulnerabilities) as well as the software licenses that cover the components used.
All in all, this is often a significant amount of information to process, especially if this is the first time that you are seeing an SBOM for your software development project, which is the case for a lot of teams that rely on software as a significant component in the products that they build.
Why Are We Doing This?!?
Cyber security regulations are tightening for many industries and regulators are taking notice. This holds for, for example, the automotive industry, the US Federal Government through Executive Order 14028, the FDA as well as the European Consumer market through the Cyber Resiliency Act.