sbomify logo

The sbomify Blog

Content for software, product, and digital security experts

Announcing sbomify-action v0.14: The One With Yocto

What started as github-action has outgrown its name. With v0.14, we are officially renaming the project to sbomify-action to reflect what it...

Viktor Petersson Mar 2. 2026
Read more →

Why We're Bullish on TEA, And Why You Should Be Too

Imagine you’re standing in an electronics store, holding a product in your hand. Using a TEA app, you could automatically scan the...

Viktor Petersson Mar 1. 2026
Read more →

Announcing sbomify v0.27: The One with TEA

We have been working towards this release for a while. sbomify v0.27 brings full Transparency Exchange API (TEA) support, SPDX 3.0...

Viktor Petersson Feb 24. 2026
Read more →

Announcing sbomify v0.26: The One Where Bootstrap Moved Out

A Faster, More Accessible UI The first thing you will notice is that sbomify feels faster. Pages load more quickly, transitions are...

Viktor Petersson Feb 16. 2026
Read more →

The Role of SBOMs in Cybersecurity: From Visibility to Vulnerability Response

A Software Bill of Materials (SBOM) is a foundational cybersecurity tool that provides a complete, machine-readable inventory of every...

Cowboy Neil Feb 8. 2026
Read more →

What Is CVSS? Understanding Vulnerability Severity Scoring

The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the severity of software vulnerabilities. Published...

Cowboy Neil Feb 5. 2026
Read more →

Announcing sbomify-action v0.13: The One Where We Go to FOSDEM

We timed the sbomify-action v0.13 release for FOSDEM 2026, where we presented on CRA-ready SBOM generation. FOSDEM 2026: CRA-Ready SBOMs...

Viktor Petersson Feb 4. 2026
Read more →

SBOM Scanning: How to Detect Vulnerabilities in Your Software Components

SBOM scanning is the process of analyzing a Software Bill of Materials to identify known vulnerabilities, license issues, and other risks in...

Cowboy Neil Feb 1. 2026
Read more →

What Is a Dependency in Software? A Beginner's Guide

A dependency in software is any external component — a library, framework, module, or package — that your application relies on to function....

Cowboy Neil Jan 29. 2026
Read more →

SBOM Generation Tools Compared: Syft, Trivy, cdxgen, and More

SBOM generation tools analyze your software projects and produce machine-readable Software Bills of Materials in standard formats like...

Cowboy Neil Jan 26. 2026
Read more →

Announcing sbomify v0.25: The One with Attestations

Software supply chain security is not just about knowing what is in your software. It is about proving that knowledge is authentic and has...

Viktor Petersson Jan 23. 2026
Read more →

The MIT License: A Complete Guide for Developers

The MIT License is a permissive open source license that allows virtually unrestricted use, modification, distribution, and sublicensing of...

Cowboy Neil Jan 22. 2026
Read more →
← Previous Page 1 of 7 Next →