The sbomify Blog
Content for software, product, and digital security experts
Blog
Using Conan for C SBOMs
Last November I wrote about The C conundrum as there’s so much C code that needs SBOMs, but there was no straightforward way to generate them.
CISA's Minimum Elements now in Draft
CISA has published a public comment draft of updated SBOM Minimum Elements. This draft is intended as successor guidance to the NTIA Minimum Elements first issued on July...
Big Update to sbomify
Happy 4 July to our US friends.
Unpacking Raspberry Pi's Built‑In SBOM Magic
When the Raspberry Pi Foundation quietly unveiled rpi‑image‑gen, most of the headlines focused on how it streamlines custom image creation. Tucked inside that announcement is something even more...
Chris Swan Joins sbomify Advisory Board
sbomify is excited to announce that Chris Swan has joined its advisory board. Chris brings extensive experience in DevOps, open source, and cybersecurity, making him an invaluable asset...
Mastering SBOM Generation with Yocto
I recently spent time with Yocto to better understand how it works with SBOMs, and I was very impressed. In short, if you are building your own Linux...
sbomify Goes Open Source: A New Chapter in SBOM Management
I am thrilled to share that sbomify is now officially open source! As of today, you can find our project on GitHub. This decision is a leap forward...
How SBOMs Can Help You Achieve PCI DSS 4.0 Compliance
What Is PCI DSS 4.0?
The C conundrum - generating SBOMs when there's no lockfile
Generating an SBOM for something created in a modern language like Dart, Go, Python or Rust is pretty easy. Dependencies are declared using the language’s package manager, the...
sbomify GitHub Action v0.3.0: Now Faster and Compatible with GitLab!
We’re excited to announce the release of version 0.3.0 of our GitHub Actions module!
GitHub Action module with Attestation
Over the last few weeks, we’ve made some significant updates to our GitHub Actions module. Since our last update, we’ve added a few new features.
Big update to our GitHub Action
In the last few weeks, we’ve worked hard on overhauling the sbomify GitHub Action based on customer feedback. The initial purpose of the GitHub Action module was merely...