Our Mission

SBOM Insights is a community-driven platform dedicated to sharing knowledge, best practices, and insights about Software Bill of Materials (SBOM). We believe in the importance of software transparency and supply chain security in today’s interconnected digital ecosystem.

What We Cover

SBOM Standards

  • CycloneDX: The OWASP Foundation and Ecma International Technical Committee for Software & System Transparency (TC54) drive the continued advancement of the specification.
  • SPDX: An open standard capable of representing systems with software components in as SBOMs (Software Bill of Materials) and other AI, data and security references supporting a range of risk management use cases.

OSS Utilies

  • OSS utitilies which help with SBOM management e.g(sbomasm, sbomqs, syft, sbom-tool, dependency-track, ..)

Topics of Interest

  • SBOM generation and tooling
  • Supply chain security
  • Vulnerability management
  • License compliance
  • Best practices for SBOM adoption
  • Regulatory requirements and compliance
  • Real-world implementation case studies

Our Contributors

We welcome contributions from:

  • Internal Team: Security engineers, developers, and compliance experts from our organization
  • External Contributors: Industry experts, researchers, and practitioners passionate about SBOM

Contributing

Interested in contributing? Check out our Contributors Guide to learn how you can share your knowledge with the community.

Contact Us

Have questions or suggestions? Reach out to us through:

All content is provided for educational purposes. Please ensure you comply with your organization’s policies when implementing SBOM practices.