Learn about the new features and improvements in CycloneDX 1.6, including Cryptographic BOM, Attestation support, and Machine Learning BOM enhancements.| fossa.com
Learn about FOSSA's new SBOM policy feature that helps enforce SBOM standards for compliance and security.| fossa.com
As part of its new cybersecurity executive order, the U.S. Federal government released the minimum required elements for a software bill of materials.| Dependency Heaven
The more accurate and comprehensive an SBOM is, the more valuable it will be. See considerations and strategies for generating high-quality SBOMs in your organization.| Dependency Heaven
The U.S. Army has announced new SBOM requirements for contractors and subcontractors to improve software supply chain security. Learn about the implementation timeline, scope, and how to prepare.| fossa.com
An overview of the Cyber Resilience Act (CRA) and its implications for SBOM requirements, diving into its standards and comparisons to global initiatives.| fossa.com
Learn about SPDX License Identifiers and License Expressions, and see how you can use them to communicate licensing information in an SBOM.| Dependency Heaven
Customizability, ease of use, and support for CycloneDX and SPDX are among the most important features of a best-in-class SBOM tool.| Dependency Heaven
Learn about VEX (Vulnerability Exploitability eXchange), which is used to communicate whether vulnerabilities impacting software products are actually exploitable.| Dependency Heaven
Introducing FOSSAs new SBOM Management add-on to simplify software inventory and compliance processes.| fossa.com
A new provision in PCI DSS 4.0 will require certain organizations to create and maintain SBOMs to help facilitate vulnerability management.| Dependency Heaven
See important considerations and recommendations for requesting SBOMs (software bill of materials) from software suppliers.| Dependency Heaven
SPDX 3.0 introduces new profiles for better use case targeting and flexibility. Major upgrades include changes in document structure, profiles, relationships, and creator information.| fossa.com
Explore different SBOM formats like SPDX and CycloneDX, their specifications, and their implications for software transparency and cybersecurity.| fossa.com
Explore the FDA's new SBOM requirements for medical devices, detailing the scope, structure, and support information needed for compliance.| fossa.com
A summary of the key insights from the ESF's latest recommendations on OSS and SBOM management.| fossa.com
A detailed comparison of SCA and SAST security tools, highlighting their differences and combined use for enhanced security.| fossa.com
A new version of the CycloneDX bill of materials specification has been released. See what's new in CycloneDX v1.5.| Dependency Heaven