CISA’s Supply Chain Integrity Month reminds us of an undeniable truth about modern software development: transparency in software supply chains is no longer optional. The theme of week 4 is “Transparency: Securing Hardware and Software Across the Supply Chain.” With more than 90% of modern software applications relying on open source, this message couldn’t be more timely. Transparency is at the heart of the current trend in legislative action, which puts a spotlight on the way agencies evaluate, purchase, and monitor software.

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by April Downey. Read the original post at: https://www.sonatype.com/blog/how-sboms-power-secure-software-acquisition