Bluecoders

SBOM

An SBOM (Software Bill of Materials) is a formal, machine-readable inventory of every component — libraries, direct and transitive dependencies, versions, licences, hashes — that makes up a piece of software.

It has become central to software supply-chain security: without an SBOM, there is no quick way to know whether a newly disclosed vulnerability (such as Log4Shell) affects your applications. With an SBOM, you can automatically query the inventory for the affected component and version range.

The standard formats are SPDX (Linux Foundation) and CycloneDX (OWASP). Several regulations make SBOMs mandatory for some markets (Executive Order 14028 in the United States, the Cyber Resilience Act in Europe for products with digital components).
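The query described above, as an added example that is not part of the original glossary entry: a small Python script that parses a CycloneDX JSON SBOM (constructed inline for this example, not from any real build) and checks every component against an advisory record. The advisory dict, its id, and the affected version range are illustrative values constructed here, not an authoritative vulnerability feed; only the standard library is used.

```python
import json
import re

# Constructed CycloneDX 1.4 JSON SBOM for the example (not a real build's inventory).
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "components": [
    {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core",
     "version": "2.14.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
    {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-api",
     "version": "2.14.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-api@2.14.1"},
    {"type": "library", "group": "com.fasterxml.jackson.core", "name": "jackson-databind",
     "version": "2.13.0", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.0"}
  ]
}
"""

# Illustrative advisory record, constructed for this example (the id and range are placeholders,
# not an authoritative feed entry): component coordinates plus an inclusive affected range.
ADVISORY = {
    "id": "EXAMPLE-ADVISORY-LOG4SHELL",
    "group": "org.apache.logging.log4j",
    "name": "log4j-core",
    "affected_from": "2.0-beta9",   # inclusive lower bound
    "affected_to": "2.14.1",        # inclusive upper bound
}


def version_key(version):
    """Turn '2.14.1' or '2.0-beta9' into a tuple that sorts in release order.

    Each segment becomes (rank, number): numeric segments get rank 1, pre-release
    tags such as 'beta9' or 'rc1' get rank 0 so they sort below a plain release
    with the same numeric prefix. A trailing (1, 0) is appended so that '2.0'
    compares greater than '2.0-beta9' rather than being a shorter prefix of it.
    """
    key = []
    for seg in re.split(r"[.\-]", version):
        m = re.fullmatch(r"([A-Za-z]*)(\d*)", seg)
        letters, digits = (m.group(1), m.group(2)) if m else ("", "")
        rank = 0 if letters else 1
        key.append((rank, int(digits) if digits else 0))
    key.append((1, 0))
    return tuple(key)


def load_components(sbom_json):
    """Parse a CycloneDX JSON document and return its component list."""
    bom = json.loads(sbom_json)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return bom.get("components", [])


def is_affected(component, advisory):
    """True if the component's coordinates match the advisory and its version lies in the range."""
    if component.get("group", "") != advisory["group"] or component.get("name") != advisory["name"]:
        return False
    v = version_key(component.get("version", "0"))
    return version_key(advisory["affected_from"]) <= v <= version_key(advisory["affected_to"])


def find_affected(sbom_json, advisory):
    """Return the purls (or group/name@version when no purl is present) of affected components."""
    hits = []
    for comp in load_components(sbom_json):
        if is_affected(comp, advisory):
            fallback = f"{comp.get('group', '')}/{comp.get('name')}@{comp.get('version')}"
            hits.append(comp.get("purl", fallback))
    return hits


if __name__ == "__main__":
    affected = find_affected(SBOM_JSON, ADVISORY)
    if affected:
        print(f"{ADVISORY['id']}: affected components found")
        for purl in affected:
            print("  ", purl)
    else:
        print(f"{ADVISORY['id']}: no affected components in this SBOM")
```

Running the script reports the log4j-core entry and nothing else: log4j-api shares the group but not the name, and jackson-databind matches neither. In practice the advisory side would come from a vulnerability database keyed on the component's purl, and the same loop would run across every SBOM an organisation holds, which is exactly the query that is impossible without the inventory.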
