Skip to main content

What is an SBOM (software bill of materials)?

FAQ resource for your migration project.

FAQ resource for What is an SBOM (software bill of materials)?.

Answer

An SBOM is a formal, machine-readable inventory of all components, libraries, and dependencies that make up a piece of software, including their versions and licenses. It lets organizations quickly determine whether they are affected when a new vulnerability is disclosed in a third-party component. Common standardized formats are SPDX and CycloneDX, and SBOMs are increasingly required by regulations and procurement policies for supply-chain transparency.