Operationalizing SBOMs to Secure Your Software Supply Chain

Operationalizing SBOMs to Secure Your Software Supply Chain

This IDC Perspective presents the challenges around operationalizing software bill of materials (SBOMs) that organizations face and that are impeding broader adoption. Frameworks, open source projects, and commercial products looking to address these challenges are highlighted to help organizations with implementing an SBOM strategy. "The SBOM has been all the rage since the Executive Order, but both quantitative and qualitative data suggest that organizations are struggling with implementing the practices and tools necessary to make the SBOM actionable in securing their software supply chains," says Katie Norton, senior research analyst, DevOps and DevSecOps practices at IDC. "However, an ecosystem of frameworks, projects, and tools is forming that can help organizations establish an SBOM strategy that will set them up for success when the next Log4J or government regulation comes around."

Please Note: Extended description available upon request.