The sbomify Blog

Content for software, product, and digital security experts

Comprehensive Guide to Generating and Understanding SBOMs with Docker and Django-CMS

It’s fair to say that SBOMs (Software Bills of Materials) are a rapidly emerging field. Many vendors, like Docker and GitHub, now offer tools to automatically generate SBOMs...

By Cowboy Neil // May 27. 2024

Call for Views on the Code of Practice for Software Vendors: Ensuring Security and Resilience

The UK government has launched a call for views on a new voluntary Code of Practice for Software Vendors. This initiative aims to enhance the security and resilience...

By Cowboy Neil // May 26. 2024

Enhancing SBOM Sharing: A Look at Current Practices and the Role of sbomify

Software Bill of Materials (SBOM) sharing is becoming increasingly vital in our interconnected digital ecosystem, where security and transparency play crucial roles. The “SBOM Sharing Primer,” published this...

By Cowboy Neil // May 13. 2024

Understanding ISO 42001 and the Integration of SBOMs for Enhanced Operational Resilience

Introduction to ISO 42001

By Cowboy Neil // May 2. 2024

Harnessing ISO 27001 and SBOMs for Enhanced Information Security Management

Introduction to ISO 27001

By Cowboy Neil // Apr 29. 2024

Exploring the New SPDX 3.0: A Game Changer for SBOMs

TL;DR: SPDX 3.0 is the latest update to the Software Package Data Exchange standard, significantly enhancing the way Software Bill of Materials (SBOMs) are created, maintained, and utilized...

By Cowboy Neil // Apr 28. 2024

OpenSSF and OpenSSF Scorecards: Bolstering Open Source Security

Introducing OpenSSF: A Beacon for Open Source Security

By Cowboy Neil // Apr 25. 2024

How SBOMs Streamline SOC 2 Compliance: Insights for the Agile Enterprise

Decoding SOC 2 Compliance for Agile Enterprises

By Cowboy Neil // Apr 23. 2024

What really happened to XZ?

The article “XZ Backdoor Story Part 1” from Securelist delves into the discovery and analysis of a backdoor found in XZ, which is commonly used in various Linux...

By Cowboy Neil // Apr 13. 2024

Elevate Your Cybersecurity with Our Leading SBOM Management Solution

In an era where digital security is paramount, the recent Executive Order 14028 on Improving the Nation’s Cybersecurity has set a new precedent for software supply chain security,...

By Cowboy Neil // Apr 12. 2024

Introducing the NIST Cybersecurity Framework (CSF) 2.0

In February 2024, the National Institute of Standards and Technology (NIST) released an updated version of the Cybersecurity Framework, now aptly named CSF 2.0. This revamped framework serves...

By Cowboy Neil // Apr 11. 2024

Future-Proofing Cybersecurity with the Cryptography Bill of Materials (CBOM)

In the rapidly evolving landscape of cybersecurity, the dawn of quantum computing presents both an unprecedented opportunity and a formidable challenge. The traditional cryptographic frameworks that have long...

By Cowboy Neil // Apr 10. 2024