Source: thenewstack.io
How to Create a Software Bill of Materials
Although there might be days when you feel like dropping “SBOMs” left and right, within the realm of technology we’re not talking about another term for a four-letter word starting with “S.” SBOM stands for Software Bill of Materials and has become a crucial aspect of security for enterprise businesses and developers.
When you go to install Software X, you might find that it depends on Software 1, Software 2, Software 3, and Software 4.
Thankfully, there have been standards set for SBOMs that provide a common format for describing the makeup of installed software (or container images) that make consuming the reported data considerably easier.
At this point, you not only know every piece of software installed in a container image, but you also know if it contains any known vulnerabilities.
When you go to install Software X, you might find that it depends on Software 1, Software 2, Software 3, and Software 4.
Thankfully, there have been standards set for SBOMs that provide a common format for describing the makeup of installed software (or container images) that make consuming the reported data considerably easier.
At this point, you not only know every piece of software installed in a container image, but you also know if it contains any known vulnerabilities.
Related Articles
Community Partners
DevOps Careers