Operationalizing SBOMs to Secure Your Software Supply Chain

Operationalizing SBOMs to Secure Your Software Supply Chain

This IDC Perspective presents the challenges around operationalizing software bill of materials (SBOMs) that organizations face and that are impeding broader adoption. Frameworks, open source projects, and commercial products looking to address these challenges are highlighted to help organizations with implementing an SBOM strategy. "The SBOM has been all the rage since the Executive Order, but both quantitative and qualitative data suggest that organizations are struggling with implementing the practices and tools necessary to make the SBOM actionable in securing their software supply chains," says Katie Norton, senior research analyst, DevOps and DevSecOps practices at IDC. "However, an ecosystem of frameworks, projects, and tools is forming that can help organizations establish an SBOM strategy that will set them up for success when the next Log4J or government regulation comes around."

Please Note: Extended description available upon request.

Executive Snapshot
Situation Overview
Static SBOMs and Modern Software Delivery Practices Are at Odds
SBOMs Lack Necessary Context About Exploitability
SBOMs Require Management Tools to Be Actionable
Advice for the Technology Buyer
Learn More
Related Research

Download our eBook: How to Succeed Using Market Research

Learn how to effectively navigate the market research process to help guide your organization on the journey to success.

Download eBook
Cookie Settings