sbomify logo

About Us

We empower software vendors and software buyers to seamlessly manage security compliance and software supply chain transparency.

Our Mission

At sbomify, we believe that software transparency is the foundation of trust in the digital age. As software supply chains become increasingly complex, the need for clear, manageable, and actionable security compliance data has never been greater.

We exist to bridge the gap between software vendors and buyers, providing the tools and infrastructure needed to make transparency a seamless part of the development and procurement lifecycle.

Whether you are a software vendor ensuring compliance with regulations like the EU Cyber Resilience Act (CRA) or a buyer verifying the security of your software assets, sbomify provides the platform to manage, share, and analyze SBOMs with confidence.

The Origin Story

sbomify was born out of necessity. It was created by Viktor Petersson, driven by his firsthand experience as co-founder of Screenly, a leading secure digital signage platform, while implementing a “Secure by Design” and “Secure by Default” philosophy.

During this journey, Viktor discovered significant shortcomings in existing solutions for SBOM lifecycle management — challenges that were later echoed in CISA’s SBOM Sharing Primer. While tools existed for generation, the ecosystem for managing, sharing, and enriching these artifacts was fragmented and insufficient for modern security needs. Another key insight was the need to accurately describe real-world products through a product, project, and component hierarchy, as outlined in our lifecycle guide. sbomify was built to fill these gaps, offering a streamlined platform that addresses the real-world challenges of software supply chain transparency.

Our technology is deeply rooted in industry best practices. Our SBOM generation tool is based on the blueprint from the CISA working group on SBOM generation, which Viktor co-led. This ensures that our approach aligns with the highest standards of security and compliance from the ground up.

Leadership

Viktor Petersson

Viktor Petersson

Founder

Viktor is a serial entrepreneur and cybersecurity innovator, currently focused on shaping the future of software security and compliance. As the founder of sbomify, he simplifies Software Bill of Materials (SBOM) management, helping organizations navigate emerging cybersecurity regulations such as the Cyber Resilience Act (CRA).

Community Leadership:

  • CISA SBOM Working Group: Co-led the working group on SBOM generation.
  • ECMA TC54: Invited expert to the working group focusing on security artifacts and the Transparency Exchange API.

An advocate for secure and efficient technology practices, Viktor is passionate about helping companies adapt to the rapidly evolving cybersecurity landscape. He shares insights and industry trends through his podcast, Nerding Out With Viktor.

Advisors

Chris Swan

Chris Swan

Advisor

Engineer at Atsign building the open-source atPlatform. Former Fellow at DXC Technology and CTO at UBS, Capital SCF, and Credit Suisse. InfoQ Editor, podcaster, and Google Developer Expert.

Dominique Guinard

Dominique Guinard

Advisor

Pioneer in IoT and product transparency. Co-founder of EVRYTHNG and driver of the Product Passport initiative. PhD from ETH Zürich and former MIT Auto-ID Labs researcher.

Steve Springett

Steve Springett

Advisor

Creator of the CycloneDX SBOM standard and Dependency-Track platform. Recognized expert in software supply chain security and leader in the DevSecOps community.