SBOM is the acronym for Software Bill of Materials, which is a list of all the open source npm packages that are part of your project. But it’s not only limited to open source or software packages, and can include operating system libraries, microservices inventory and more.

ServiceNow’s biggest event of the year — Knowledge 2023 — is here, and Snyk is excited to be a part of it with some big news! Back in January, we announced Snyk Security for Application Vulnerability Response to bring Snyk Open Source software composition analysis to ServiceNow Security Operations.

Last week, the godfather of AI, Geoffrey Hinton smashed the glass and activated the big red AI alarm button warning all of us about creating a world where we won’t “be able to know what is true anymore”. What’s happening now with everything AI makes all the other tech revolutions of the past 40 plus years seem almost trivial.

With all the cybersecurity benefits an SBOM offers, it’s a wonder they weren’t used in the software development life cycle long ago. Today, the need for SBOMs has grown more urgent because open source has become a core part of modern software development. At least one report finds that 75% of all codebases audited were composed of open-source components with known security vulnerabilities.

The software bill of materials (SBOM) has become an increasingly important tool for providing much-needed clarity about the components that make up software — both for application security purposes and governmental compliance. Unlike manual spreadsheets, SBOMs standardize everything into a particular format to minimize inconsistencies. There are three primary SBOM formats currently available, which allow companies to easily generate, share, and consume SBOM data.