Viktor Petersson

Serial entrepreneur and cybersecurity innovator, currently focused on shaping the future of software security and compliance. As the founder of sbomify, he simplifies Software Bill of Materials (SBOM) management, helping organizations navigate emerging cybersecurity regulations such as the Cyber Resilience Act (CRA). Viktor co-led the CISA SBOM Working Group on SBOM generation and is an invited expert to ECMA TC54. He shares insights and industry trends through his podcast, Nerding Out With Viktor.

Posts by Viktor Petersson

FDA Medical Device SBOM Requirements: What the New Cybersecurity Guidance Means for Manufacturers

compliance

Breakdown of the FDA's June 2025 guidance on medical device cybersecurity, explaining SBOM requirements, premarket submission expectations, and com...

CRA Explained: What the Cyber Resilience Act Means for Device Manufacturers

podcast

Podcast episode with EU CRA expert Sarah Fluchs explaining SBOM requirements, the 5-year support mandate, and vulnerability management for device m...

Major Updates: sbomify v0.21 and Action Module v0.8 & v0.9

announcement

Triple release: sbomify v0.21 with vulnerability trends dashboard, plus GitHub Action v0.8 and v0.9 featuring modular generation plugins and 8 enri...

Announcing sbomify v0.20: Custom Domains & Streamlined Onboarding

announcement

sbomify v0.20 release featuring custom domain support for Trust Centers, redesigned onboarding wizard, team invitation improvements, and security h...

Announcing GitHub Action 0.7.0 and sbomify 0.19

announcement

Major releases: GitHub Action 0.7.0 with ecosyste.ms enrichment and SPDX support, plus sbomify 0.19 with full Django+HTMX migration, custom domains...

CISA's Minimum Elements now in Draft

news

Analysis of CISA's 2025 draft SBOM Minimum Elements update, adding required hash, license, and tool provenance fields to succeed the 2021 NTIA guid...

Big Update to sbomify

announcement

sbomify v0.15 introduces document support alongside SBOMs, improved public pages, and product-level SBOM aggregation—evolving into a complete compl...

Unpacking Raspberry Pi's Built‑In SBOM Magic

news

How Raspberry Pi's rpi-image-gen tool generates SPDX SBOMs out of the box, achieving a 7.8/10 quality score with sbomqs for embedded image builds.

Chris Swan Joins sbomify Advisory Board

announcement

Chris Swan, Engineer at Atsign and former CTO at UBS, joins sbomify's advisory board bringing DevOps, open source, and cybersecurity expertise.

Mastering SBOM Generation with Yocto

guide

Deep dive into Yocto's built-in SPDX 2.2 SBOM generation, analyzing output quality with sbomqs and integrating with sbomify for SBOM lifecycle mana...

sbomify Goes Open Source: A New Chapter in SBOM Management

announcement

sbomify is now open source under Apache 2.0 plus Commons Clause. Learn about our hierarchical SBOM approach, CycloneDX support, and Project Koala in...

How SBOMs Can Help You Achieve PCI DSS 4.0 Compliance

compliance

Discover how Software Bill of Materials (SBOMs) help online gambling and e-commerce businesses achieve PCI DSS 4.0 compliance through better vulner...

sbomify GitHub Action v0.3.0: Now Faster and Compatible with GitLab!

announcement

sbomify GitHub Action v0.3.0 release adds GitLab CI/CD support, 50% faster build times, and bug fixes for Docker image SBOM generation.

GitHub Action module with Attestation

announcement

New features in sbomify's GitHub Action including Dart lockfile support, Docker image SBOMs, NTIA enrichment, and SLSA build provenance attestation.

Big update to our GitHub Action

announcement

Major overhaul of sbomify GitHub Action transforming it from a simple upload tool to a complete SBOM Swiss Army knife with generation, augmentation...

How to generate an SBOM from a Docker container

guide

Guide to generating SBOMs from Docker container images using Syft, Trivy, and Docker Desktop, including limitations and best practices for separati...

Introducing sbomify: Revolutionizing SBOM Management

announcement

Announcing the launch of sbomify, a platform for automated SBOM management and sharing that integrates with CI/CD pipelines to ensure stakeholders ...

Exploring the Future of Software Security: Join Us at BSides Bristol

news

sbomify presents 'Navigating the SBOM Landscape: Formats, Relevance, and Tooling in 2024' at BSides Bristol, covering SPDX, CycloneDX, and current ...

Announcing sbomify's GitHub Actions Module: Seamlessly Share SBOMs in Your CI/CD Pipeline

announcement

Introducing sbomify's GitHub Actions module for automated SBOM generation in your CI/CD pipeline. Available on GitHub Marketplace for seamless inte...

How to Generate SBOMs for Python Packages with `pipdeptree` and `cyclonedx-py`

guide

Tutorial on generating CycloneDX SBOMs for Python projects using pipdeptree and cyclonedx-py, including transitive dependencies and best practices ...

How to create an SBOM

guide

Step-by-step guide to generating SBOMs using Docker CLI and GitHub tools including the command line interface, Dependency Graph, and REST API.