FAQ resource for What is an SBOM (software bill of materials)?.
Answer
An SBOM is a formal, machine-readable inventory of all components, libraries, and dependencies that make up a piece of software, including their versions and licenses. It lets organizations quickly determine whether they are affected when a new vulnerability is disclosed in a third-party component. Common standardized formats are SPDX and CycloneDX, and SBOMs are increasingly required by regulations and procurement policies for supply-chain transparency.