sbomify logo

The sbomify Blog

Content for software, product, and digital security experts

How SBOMs Can Help You Achieve PCI DSS 4.0 Compliance

What Is PCI DSS 4.0? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that...

Viktor Petersson Jan 7. 2025
Read more →

The C conundrum - generating SBOMs when there's no lockfile

Generating an SBOM for something created in a modern language like Dart, Go, Python or Rust is pretty easy. Dependencies are declared using...

Chris Swan Nov 18. 2024
Read more →

sbomify GitHub Action v0.3.0: Now Faster and Compatible with GitLab!

We’re excited to announce the release of version 0.3.0 of our GitHub Actions module! This update brings some valuable enhancements,...

Viktor Petersson Nov 12. 2024
Read more →

GitHub Action module with Attestation

Over the last few weeks, we’ve made some significant updates to our GitHub Actions module. Since our last update, we’ve added a...

Viktor Petersson Oct 31. 2024
Read more →

Big update to our GitHub Action

In the last few weeks, we’ve worked hard on overhauling the sbomify GitHub Action based on customer feedback. The initial purpose of...

Viktor Petersson Oct 4. 2024
Read more →

How to generate an SBOM from a Docker container

A lot of people are asking about how one can generate an SBOM based on a Docker container. It seems to be a good idea, since a lot of modern...

Viktor Petersson Sep 20. 2024
Read more →

Introducing sbomify: Revolutionizing SBOM Management

We’re excited to announce the launch of sbomify, a platform designed to transform how businesses manage and share Software Bill of Materials...

Viktor Petersson Aug 29. 2024
Read more →

Exploring the Future of Software Security: Join Us at BSides Bristol

This weekend marks an exciting event for the cybersecurity community — BSides Bristol is officially kicking off! We’re thrilled to be a part...

Viktor Petersson Aug 26. 2024
Read more →

Announcing sbomify's GitHub Actions Module: Seamlessly Share SBOMs in Your CI/CD Pipeline

We are thrilled to announce the launch of sbomify’s GitHub Actions Module — now available in the GitHub Marketplace! This powerful...

Viktor Petersson Aug 21. 2024
Read more →

Comparing SBOM Formats: Focus on Component Types in CycloneDX vs. SPDX

CycloneDX and SPDX are two leading SBOM (Software Bill of Materials) standards, each with distinct strengths and support for various...

Cowboy Neil Aug 20. 2024
Read more →

What Is SLSA? Understanding Supply Chain Levels for Software Artifacts

In 2020, attackers compromised SolarWinds’ build system and injected malicious code into Orion software updates that were distributed...

Cowboy Neil Aug 17. 2024
Read more →

What Is in-toto? Securing the Software Supply Chain End to End

When the XZ Utils backdoor was discovered in March 2024, it revealed how a malicious contributor could spend years infiltrating an...

Cowboy Neil Aug 14. 2024
Read more →
← Previous Page 4 of 7 Next →