SBOM management and generation: How Sonatype leads in software supply chain visibility

As software supply chain threats become more complex, organizations need more than just vulnerability scanning — they need complete visibility into the components that make up their applications ...
How SBOMs power secure software acquisition | Sonatype Blog

CISA's Supply Chain Integrity Month reminds us of an undeniable truth about modern software development: transparency in software supply chains is no longer optional. The theme of week 4 is "Transparency: Securing ...
Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition

Payment Card Industry Data Security Standard (PCI DSS) was developed to strengthen payment account data security and standardize globally the necessary security controls. The transition from PCI DSS 3.2.1 and earlier versions ...
Proactive compliance with Sonatype: Automating reporting for U.S. Army SBOM requirements

We've been closely following the regulatory response to the increasing frequency with which cybersecurity attacks target software supply chains ...
Unlock collaboration and efficiency in software management with SBOMs

As software supply chains grow more complex, organizations face increasing challenges to manage and secure open source components ...
Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update

As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to further align development practices with security imperatives. This is part of a ...
Gain visibility and traceability of your software supply chain with SBOMs with new Gartner® report

When you better understand the complexities of your software, you take a foundational step toward enhancing security and managing risks in your software supply chain ...
Securing your software supply chain with CISA's new SBOM guidance

With new and increasing cyber threats abounding, navigating global software regulations and staying informed and compliant can seem like an unending task. To help mitigate risks within the software applications organizations use ...
ADDO session: The state of SBOM, what's coming in standards and regulations

In 2021, the Log4j vulnerability catalyzed the industry to take action to boost the security of open source components. The development community is leading this movement, but governments are also taking notice ...
Simplifying SBOM compliance with Sonatype under India's cybersecurity framework

The Indian Securities and Exchange Board (SEBI) recently took a significant step to enhance software security by incorporating software bill of materials (SBOM) mandates under its Cybersecurity and Cyber Resilience Framework (CSCRF) ...