The sbomify Blog
Content for software, product, and digital security experts
Blog
Understanding ISO 42001 and the Integration of SBOMs for Enhanced Operational Resilience
Introduction to ISO 42001
Harnessing ISO 27001 and SBOMs for Enhanced Information Security Management
Introduction to ISO 27001
Exploring the New SPDX 3.0: A Game Changer for SBOMs
TL;DR: SPDX 3.0 is the latest update to the Software Package Data Exchange standard, significantly enhancing the way Software Bill of Materials (SBOMs) are created, maintained, and utilized...
OpenSSF and OpenSSF Scorecards: Bolstering Open Source Security
Introducing OpenSSF: A Beacon for Open Source Security
How SBOMs Streamline SOC 2 Compliance: Insights for the Agile Enterprise
Decoding SOC 2 Compliance for Agile Enterprises
What really happened to XZ?
The article “XZ Backdoor Story Part 1” from Securelist delves into the discovery and analysis of a backdoor found in XZ, which is commonly used in various Linux...
Elevate Your Cybersecurity with Our Leading SBOM Management Solution
In an era where digital security is paramount, the recent Executive Order 14028 on Improving the Nation’s Cybersecurity has set a new precedent for software supply chain security,...
Introducing the NIST Cybersecurity Framework (CSF) 2.0
In February 2024, the National Institute of Standards and Technology (NIST) released an updated version of the Cybersecurity Framework, now aptly named CSF 2.0. This revamped framework serves...
Future-Proofing Cybersecurity with the Cryptography Bill of Materials (CBOM)
In the rapidly evolving landscape of cybersecurity, the dawn of quantum computing presents both an unprecedented opportunity and a formidable challenge. The traditional cryptographic frameworks that have long...
How to create an SBOM
In the evolving landscape of software development and cybersecurity, the importance of creating a Software Bill of Materials (SBOM) has never been more critical. As organizations and developers...
Elevating M&A Due Diligence with SBOMs: A Guide for Corporate Strategists
In the competitive arena of mergers and acquisitions (M&A), the due diligence phase is a pivotal moment that determines the success or failure of potential deals. Traditionally, evaluating...
Navigating the Landscape of Open Source Licenses
Open-source software forms the backbone of countless applications, from the smallest utilities to the infrastructure running the largest data centers. The licenses under which this software is released...