Hello, Guest!


Experts Note Increasing Adoption of Software Bills of Materials

SBOM adoption

Experts Note Increasing Adoption of Software Bills of Materials

Kate Stewart, a computer scientist at the Linux Foundation involved with defining standards for software bills of materials, said that the industry is starting to make progress with the concept compared to a decade ago. She added that having access to “good quality SBOMs” and their corresponding vulnerability data could result in better usage outcomes.

According to Allan Friedman, a Department of Homeland Security scientist, defenders can more easily spot and fix vulnerabilities if SBOMs work with existing vulnerability management systems.

SBOMs detail the components of a given piece of software and their relationships with each other. They are meant to aid engineers looking for potential exploits in a program, FedScoop reported Thursday.

The practice is beginning to see adoption throughout the government. Aquia recently announced that it would implement an application programming interface for ingesting SBOMs as part of a subcontractor agreement with Noblis under an existing contract with the Centers for Medicare and Medicaid Services.

In November, a senior cybersecurity adviser with the Department of Energy called on the Cybersecurity and Infrastructure Security Agency to create a central hub for SBOMs. Earlier, a Department of State official shared plans to establish guidelines for making and storing such lists.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Category: Cybersecurity