Software Bill of Materials (SBOM)
The Software Bill of Materials (SBOM) is an inventory of the software components used across your organization. SBOMs help you minimize security risks through increased visibility and transparency into the open source or third-party software elements you use.
In an SBOM, software components are listed along with information such as their name, version, CPE identifier, and properties. These components are then assessed for common vulnerabilities and exposures (CVEs), giving you further insight into your organization’s security posture.
Each CVE found is assigned a score and severity to help you better prioritize remediation. For additional information about the CVE, follow the provided links to the MITRE CVE database.
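The following added example (not Lacework code or output) shows how a component inventory and its CVE findings can be joined and ranked for remediation. It assumes the SBOM is exported as CycloneDX 1.4 JSON, which this page does not state; the component names, CVE ids, and the `prioritize` helper are constructed placeholders, so the generated links do not resolve to real records.

```python
import json
# Constructed sample in CycloneDX 1.4 JSON shape (assumption: the page does not
# name the SBOM format). Component names and CVE ids are placeholders.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.4",
    "components": [
        {"bom-ref": "pkg-a", "name": "example-lib", "version": "1.2.3",
         "cpe": "cpe:2.3:a:example:example-lib:1.2.3:*:*:*:*:*:*:*",
         "properties": [{"name": "language", "value": "python"}]},
        {"bom-ref": "pkg-b", "name": "example-parser", "version": "0.9.0"},
        {"bom-ref": "pkg-c", "name": "example-utils", "version": "4.0.1"},
    ],
    "vulnerabilities": [
        {"id": "CVE-0000-0001", "affects": [{"ref": "pkg-a"}],
         "ratings": [{"score": 5.3, "severity": "medium"}]},
        {"id": "CVE-0000-0002", "affects": [{"ref": "pkg-b"}, {"ref": "pkg-a"}],
         "ratings": [{"score": 7.5, "severity": "high"},
                     {"score": 9.8, "severity": "critical"}]},
        {"id": "CVE-0000-0003", "affects": [{"ref": "pkg-b"}]},  # not yet rated
    ],
})

def prioritize(sbom_text):
    """Return (findings, clean): rated findings worst-first, unrated ones last."""
    bom = json.loads(sbom_text)
    comps = {c["bom-ref"]: c for c in bom.get("components", []) if "bom-ref" in c}
    findings, hit = [], set()
    for vuln in bom.get("vulnerabilities", []):
        # Several sources may rate one CVE; keep the highest score.
        rated = [r for r in vuln.get("ratings", []) if r.get("score") is not None]
        top = max(rated, key=lambda r: r["score"], default={})
        for target in vuln.get("affects", []):
            comp = comps.get(target.get("ref"))
            if comp is None:
                continue  # finding points at a component outside this inventory
            hit.add(comp["bom-ref"])
            findings.append({
                "component": f'{comp["name"]}@{comp["version"]}',
                "cpe": comp.get("cpe"),  # a component may have no CPE
                "cve": vuln["id"], "score": top.get("score"),
                "severity": top.get("severity", "unknown"),
                "link": "https://www.cve.org/CVERecord?id=" + vuln["id"]})
    findings.sort(key=lambda f: (f["score"] is None, -(f["score"] or 0.0), f["component"]))
    clean = sorted(c["name"] for ref, c in comps.items() if ref not in hit)
    return findings, clean

if __name__ == "__main__":
    for f in prioritize(SAMPLE_SBOM)[0]:
        print(f["score"], f["severity"], f["cve"], f["component"], f["link"])
```

Unrated findings are kept at the end of the list rather than dropped, so a CVE that has no score yet still shows up for review.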
To generate an SBOM, use the Lacework CLI and its SCA component. Support for the Lacework Console is coming soon.
SBOM functionality is currently in beta for select Lacework customers. Contact your Lacework Representative for more information.