What is SBOM (Software Bill of Materials)?
A formal record of all components, libraries, and dependencies in a software artifact.
A Software Bill of Materials (SBOM) is a machine-readable inventory of all components, libraries, and dependencies in a software artifact (an application or a container image). SBOMs let organizations quickly determine whether they use a vulnerable component (for example, the Log4j version affected by Log4Shell). They are generated by tools such as Syft and the CycloneDX tooling. Formats include CycloneDX and SPDX. The US government now requires SBOMs for critical software sold to federal agencies.
More Security Terms
DevSecOps
Integrating security practices into every stage of the DevOps pipeline.
Falco
A runtime security tool that detects anomalous behavior in containers using eBPF/syscalls.
JWT (JSON Web Token)
A compact, self-contained token format for transmitting claims between parties.
mTLS (Mutual TLS)
Two-way TLS authentication where both client and server verify each other's certificates.
OAuth2
An authorization framework allowing third-party apps limited access to user accounts.
OIDC (OpenID Connect)
An identity layer on top of OAuth2 that provides user authentication.