How to integrate SBOMs into the software development life cycle

The widespread availability of third-party and open source software has significantly accelerated modern software development. These technologies also pose a risk, because the external code used by a company has not gone through vital security review processes. A software bill of materials (SBOM) can help provide governance over these external components. An SBOM lists the libraries used by a piece of software and in some cases describes their vulnerability and license status.

availability bill can code development external governance integrate life materials open source party processes review risk sbom sboms sdlc security software software bill of materials software development software development life cycle technologies third third-party