Software Bill of Materials (SBOM)

Introduction

🚧

Early Adopter Release

This feature is currently in early adopter release and may not be available to all customers.

The software bill of materials view helps you understand and manage the open-source libraries used in your organization. It also helps you effectively manage dependencies, reduce risks, ensure compliance, and improve software development and IT operations.

With the software bill of materials view, you can:

• Understand open-source usage: Understand how open-source libraries are used across your organization's IT infrastructure, including which microservices depend on them, which applications they support, etc.

• Track affected parts during cybersecurity incidents: Quickly identify which parts of your IT system are impacted during cybersecurity incidents, like the log4shell vulnerability.

• Formulate immediate risk mitigation initiatives: Take swift action to address vulnerabilities, for example, by prioritizing updates or patches to affected components.

• Prevent legal infringement: Identify and address any unauthorized use of copy-left licenses to avoid legal issues.

  

Using Software Bill of Materials

To use the software bill of materials view, navigate to the right-side pane of the inventory and click on Software Bill of Materials. Here, you find a list of all the open-source libraries identified across your IT landscape. You can search through this list, apply filters from the panel on the left, and sort the list according to your preference by clicking on the column titles.

Select any item in the list to expand the row and see more details, such as the license information, which microservices depend on that library, the associated teams, and related applications.

Use the search functionality to quickly identify which parts of your IT system are at risk during cybersecurity incidents, assess license risk by searching for unpermitted licenses in use, etc.