"SBOM"—or "software bill of materials"—is one of the hottest new buzzwords in cybersecurity today, and for good reason. Each day brings new headlines about the latest supply chain attack, followed by ...
State and local governments depend on a tangled mix of commercial software, open-source components, cloud services and, increasingly, artificial intelligence (AI). That complexity makes it hard to ...
The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft Minimum Elements for a Software Bill of Materials (SBOM) for public comment. Reflecting the growing maturity of SBOM ...
Open-source software underpins nearly everything in the digital world: In fact, it’s estimated to constitute up to 90% of modern software. But while it has many advantages — it is collaborative, ...
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and 19 international partners have released a joint guide on the value that increased software component and ...
PITTSBURGH, Oct. 4, 2023 /PRNewswire/ -- ForAllSecure, the world's most advanced application security testing company, today announced the debut of its runtime dynamic Software Bill of Materials (SBOM) ...
Python enhancement proposal would incorporate SBOM documents in Python packages as a way to improve dependency tracking and vulnerability analysis. Software bill-of-materials (SBOM) documents would be ...
The push to create more detailed, reliable, and mature BOMs with sufficient detail and depth to counter supply chain attacks continues to advance with the latest OWASP model. The exponential growth of ...
In August 2013, the FDA made news when it issued cybersecurity guidance for medical devices. But several years earlier, government officials recognized the risk: Soon after the FDA made its ...
Software supply chain attacks are highly visible due to extensive media coverage and the increasing scope of damage they cause. Notable attacks in 2025 include the addition of malicious packages to ...