Hey Folks,
I am exploring various ways people are using SBOMs beyond identifying vulnerable or outdated components. I’m curious to learn how others in this group are leveraging them.
Here are a couple of ways I am currently exploring:
- Visualizing Tech Debt: By collecting SBOMs at the organizational level, we can visualize technical debt and work towards reducing it.
- Vendor Assessment: SBOMs can help organizations planning to sell technology or finance departments evaluate potential vendors. They can assess known issues or the age of components to make informed decisions about risks.
How are you using SBOMs in your work? Looking forward to your insights!
#SBoM #Infosec #technology