Posts

Introduction In our previous post, GitHub Releases Are Where SBOMs Go to Die, we tackled a growing pain in modern software security: SBOMs stuck in GitHub Releases. We showed how sbommv streamlines the manual mess—automating the movement of SBOMs from GitHub or local folders directly into SBOM platforms like Dependency-Track, Interlynk(next blog will show demo on this). We covered: 🔄 Pulling SBOMs straight from GitHub via API or releases 🧳 Uploading pre-existing SBOMs from local folders 🔍 Using dry-run mode to validate before uploading And transferring those fetched SBOMs to dependency-track platform smoothly and seamlessly. That was the start. But it still required you to trigger the command each time, especially when input adapter or input system(source of SBOMs) is folder. ...

Hey there 👋, SBOM enthusiasts ! Since the 2021 Cyber security Executive Order by Joe Biden. SBOMs (Software Bill of Materials) have become essential for software security and compliance. With countries like the EU, US, Germany, and India introducing their own SBOM regulations, it’s clear: SBOMs aren’t optional anymore—they’re the new standard. To meet this demand, tools for SBOM generation, signing, quality analysis, enrichment, and integration into security platforms have rapidly evolved, largely driven by the open-source community. ...

Introduction In today’s interconnected software ecosystem, applications are rarely built from scratch. Modern software is assembled from hundreds or even thousands of components - open source libraries, proprietary modules, and third-party services. This complexity creates a critical challenge: how do we know what’s actually inside our software? Enter the Software Bill of Materials (SBOM) - a comprehensive inventory that provides transparency into software components and their relationships. What is an SBOM? A Software Bill of Materials (SBOM) is a formal, machine-readable inventory of all components, libraries, and modules that make up a software application. Think of it as a detailed ingredient list for software - just as food products list their ingredients and nutritional information, an SBOM lists all the software components and their dependencies. ...