European Standards| CEN-CENELEC
The German IT Security Act 2.0| Federal Office for Information Security
See timelines, requirements, and details for SBOM compliance regulations. Learn about requirements in PCI DSS, the CRA, the FDA, and more.| fossa.com
A comprehensive overview of SBOMs (software bills of materials): their data fields, use cases, and formats, why they’re needed, and how to manage them.| fossa.com
Learn about VEX (Vulnerability Exploitability eXchange), which is used to communicate whether vulnerabilities impacting software products are actually exploitable.| Dependency Heaven
A new provision in PCI DSS 4.0 will require certain organizations to create and maintain SBOMs to help facilitate vulnerability management.| Dependency Heaven
Explore different SBOM formats like SPDX and CycloneDX, their specifications, and their implications for software transparency and cybersecurity.| fossa.com
Explore the FDA's new SBOM requirements for medical devices, detailing the scope, structure, and support information needed for compliance.| fossa.com
The NIS2 Directive: A high common level of cybersecurity in the EU| www.europarl.europa.eu