The sbomify Blog

Content for software, product, and digital security experts

Exploring the New SPDX 3.0: A Game Changer for SBOMs

TL;DR: SPDX 3.0 is the latest update to the Software Package Data Exchange standard, significantly enhancing the way Software Bill of...

Cowboy Neil Apr 28. 2024

What Is OpenSSF? Scorecards, SLSA, and the Open Source Security Ecosystem

After the Log4Shell vulnerability exposed how a single widely-used open source library could affect hundreds of thousands of organizations,...

Cowboy Neil Apr 25. 2024

How SBOMs Streamline SOC 2 Compliance: Insights for the Agile Enterprise

Decoding SOC 2 Compliance for Agile Enterprises: For agile enterprises aiming to assure clients that their data is in safe hands, SOC 2...

Cowboy Neil Apr 23. 2024

What really happened to XZ?

The article “XZ Backdoor Story Part 1” from Securelist delves into the discovery and analysis of a backdoor found in XZ, which...

Cowboy Neil Apr 13. 2024

Elevate Your Cybersecurity with Our Leading SBOM Management Solution

In an era where digital security is paramount, the recent Executive Order 14028 on Improving the Nation’s Cybersecurity has set a new...

Cowboy Neil Apr 12. 2024

NIST Cybersecurity Framework (CSF) 2.0: What It Means for Software Supply Chain Security

In February 2024, the National Institute of Standards and Technology (NIST) released version 2.0 of the Cybersecurity Framework – the most...

Cowboy Neil Apr 11. 2024

What Is a CBOM? The Cryptography Bill of Materials Explained

Organizations know what software libraries they depend on – or at least they should, if they maintain SBOMs. But ask most organizations what...

Cowboy Neil Apr 10. 2024

How to create an SBOM

📘 Updated Guides Available: This article provides a general overview, but we now have more comprehensive and up-to-date guides available....

Viktor Petersson Apr 7. 2024

Elevating M&A Due Diligence with SBOMs: A Guide for Corporate Strategists

In the competitive arena of mergers and acquisitions (M&A), the due diligence phase is a pivotal moment that determines the success or...

Cowboy Neil Apr 7. 2024

Elevating M&A Due Diligence with sbomify's SBOM Management

In the world of mergers and acquisitions (M&A), the stakes are high, and the margin for error is low. A critical aspect of the M&A...

Cowboy Neil Apr 3. 2024

Streamlining Open Source License Compliance in M&A: Unveiling the sbomify Advantage

In the intricate arena of mergers and acquisitions (M&A) within the tech industry, the due diligence process is paramount, especially...

Cowboy Neil Apr 3. 2024

Demystifying SBOMs: The Backbone of Modern Software Security

When the Log4Shell vulnerability (CVE-2021-44228) was disclosed in December 2021, organizations around the world scrambled to answer a...

Cowboy Neil Apr 3. 2024