Organizations are successfully generating SBOMs for security, regulatory compliance, and business reasons, but struggle with their distribution.
This blog post explores the introduction of SBOM requirements in PCI DSS 4.0, detailing the specific requirements and timelines, and suggesting steps for organizations to prepare for the March 2025 enforcement date.
A new vulnerability impacting XZ Utils, with a CVSS severity score of 10, brings potential remote code execution risks.
Explore the FDA's new SBOM requirements for medical devices, detailing the scope, structure, and support information needed for compliance.
A summary of the key insights from the ESF's latest recommendations on OSS and SBOM management.
Researchers from Ruhr University Bochum have uncovered Terrapin, a new SSH vulnerability (CVE-2023-48795) allowing man-in-the-middle attacks, affecting widely used SSH applications.
Explore the EPSS scoring system and how it helps prioritize vulnerability exploitability.
Explore crucial elements for creating high-quality SBOMs including tooling, integration strategies, configuration, and data fields in compliance with licensing and security requirements.
Explore the world of Software Bill of Materials (SBOMs) with examples and explanations of popular formats like SPDX and CycloneDX.
An overview of SPDX License Identifiers and Expressions and how they streamline open source licensing communication.