sbomify logo

The sbomify Blog

Content for software, product, and digital security experts

Software Composition Analysis (SCA): What It Is and How SBOMs Fit In

Software Composition Analysis (SCA) is a category of application security tooling that identifies open source and third-party components in...

Cowboy Neil Jan 11. 2026
Read more →

FDA Medical Device SBOM Requirements: What the New Cybersecurity Guidance Means for Manufacturers

On June 27, 2025, the FDA issued updated guidance on “Cybersecurity in Medical Devices: Quality System Considerations and Content of...

Viktor Petersson Jan 9. 2026
Read more →

Apache License 2.0: What It Is, How It Works, and What It Means for Your Software

The Apache License 2.0 is a permissive open source license published by the Apache Software Foundation (ASF) that allows users to freely...

Cowboy Neil Jan 7. 2026
Read more →

CRA Explained: What the Cyber Resilience Act Means for Device Manufacturers

The EU Cyber Resilience Act (CRA) is transforming how device manufacturers approach cybersecurity. To break down what this means in...

Viktor Petersson Jan 6. 2026
Read more →

Container Security: Best Practices for Securing Docker and Kubernetes

Container security is the practice of protecting containerized applications and their infrastructure throughout the entire lifecycle – from...

Cowboy Neil Jan 3. 2026
Read more →

What Is a KEV? Understanding CISA's Known Exploited Vulnerabilities Catalog

A KEV – Known Exploited Vulnerability – is a vulnerability that attackers are exploiting right now. When Apache Log4Shell (CVE-2021-44228)...

Cowboy Neil Dec 30. 2025
Read more →

Software Supply Chain Management: Risks, Best Practices, and SBOM Integration

Software supply chain management is the practice of identifying, assessing, and mitigating risks across the entire chain of components,...

Cowboy Neil Dec 26. 2025
Read more →

The GPL License: A Comprehensive Guide to the GNU General Public License

The GPL (GNU General Public License) is a free software license that guarantees end users the freedom to run, study, modify, and share...

Cowboy Neil Dec 22. 2025
Read more →

Major Updates: sbomify v0.21 and Action Module v0.8 & v0.9

We have been busy at sbomify! Today we are announcing a triple release covering significant updates to both the core platform and our...

Viktor Petersson Dec 19. 2025
Read more →

CVE Vulnerabilities Explained: What They Are and Why They Matter

A CVE (Common Vulnerabilities and Exposures) is a standardized identifier assigned to a publicly known cybersecurity vulnerability. Each CVE...

Cowboy Neil Dec 18. 2025
Read more →

Software Development Life Cycle (SDLC): A Complete Guide

The Software Development Life Cycle (SDLC) is a structured process that defines the stages involved in developing software from initial...

Cowboy Neil Dec 15. 2025
Read more →

Announcing sbomify v0.20: Custom Domains & Streamlined Onboarding

We’re excited to announce the release of sbomify v0.20, a significant update focused on empowering organizations to make their Trust...

Viktor Petersson Dec 12. 2025
Read more →
← Previous Page 3 of 8 Next →