The sbomify Blog

Content for software, product, and digital security experts

Major Updates: sbomify v0.21 and Action Module v0.8 & v0.9

We have been busy at sbomify! Today we are announcing a triple release covering significant updates to both the core platform and our...

A CVE (Common Vulnerabilities and Exposures) is a standardized identifier assigned to a publicly known cybersecurity vulnerability. Each CVE...

The Software Development Life Cycle (SDLC) is a structured process that defines the stages involved in developing software from initial...

We’re excited to announce the release of sbomify v0.20, a significant update focused on empowering organizations to make their Trust...

We are excited to announce significant updates to both our GitHub Action and the core sbomify platform. This release brings major...

Last November I wrote about The C conundrum as there’s so much C code that needs SBOMs, but there was no straightforward way to...

CISA has published a public comment draft of updated SBOM Minimum Elements. This draft is intended as successor guidance to the NTIA Minimum...

Happy 4 July to our US friends. Today, we are pleased to announce that we have shipped yet another big update to sbomify, version 0.15. This...

When the Raspberry Pi Foundation quietly unveiled rpi‑image‑gen, most of the headlines focused on how it streamlines custom image creation....

sbomify is excited to announce that Chris Swan has joined its advisory board. Chris brings extensive experience in DevOps, open source, and...

I recently spent time with Yocto to better understand how it works with SBOMs, and I was very impressed. In short, if you are building your...

I am thrilled to share that sbomify is now officially open source! As of today, you can find our project on GitHub. This decision is a leap...