"*" indicates required fields SBOM Maturity AssessmentBy landing here you’ve made a great decision. Our SBOM Maturity Framework is based on almost fifteen years of industry expertise focused on helping our customers create a complete inventory of software components—today’s Software Bill of Materials. Answers to this quick 14-question survey will help us assess your current state of SBOM management and offer specific action items to help you move further up the maturity spectrum. Once you’ve answered the questions, click submit and start your journey to realizing the benefits of a complete SBOM management strategy. What is your role in your company? Security Software Engineering/Development Legal ITAM IT Other What type of company do you work for? We are a software provider (sell software applications) We purchase software from software providers (we are a B-to-B company) We purchase software from software providers (we are a B-to-C company) We are both a software provider and we purchase software from providers How does your organization catalog third-party content in your applications? Disclosures only Package-level Forensic level Risk-based hybrid (combination of the above) We don't Which teams consume/use the output of your scan results?(check all that apply) Security Legal Software development/engineering/product management Open Source Program Office/ Formal Centralized Team None Select which option best describes what organization in your company owns the management of open source and third-party components? An open source program office (OSPO) Formal centralized team Engineering/DevSecOps teams Legal Security I don’t know Does your SBOM represent code developed by your partners and third-party suppliers? Yes No I don't know How often do you request a new/updated SBOM? Each release More frequent than each release Less frequent How are you producing SBOMs today? It’s a manual process Homegrown/Open source solution Commercial SCA/SBOM solution We aren’t producing SBOMs Does your SBOM include fields beyond the minimum required by NTIA (National Telecommunications and Information Administration)? Yes No I don’t know Which standardized SBOM format are you using?(check all that apply) SPDX CycloneDX Software Identification Tagging (SWID) Spreadsheet None of the above I don’t know If your customer asked you for an SBOM, how quickly could you provide one? Immediately A day One week In a month Never I don’t know What do you do with SBOMs you construct or obtain from third parties? Nothing Store in a file system Manually assess Ingest into an actionable SBOM management system I don’t know Is your organization able to produce security reports such as VDR and VEX for vulnerability assessment? Yes No I don’t know How effectively did your company handle the identification, impact assessment, and remediation of the Log4j security vulnerabilities in late 2021? It was highly disruptive and followed a mostly manual, reactive process that took place over an extended period of time It was not disruptive. We had an active inventory of all of our instances of Log4j use across the company; just had to search it and schedule remediation work Not applicable; we don’t use Java (Log4j is a Java-based logging utility) I don’t know Hidden(Contact form)Fill out the form to get the complete assessment and a guide to the best next steps to improve the transparency, security and integrity of your software applications.Your Name* First Name Last Name Email* Phone*Company* Job Function*- Please Select -Application Packaging/Installation DevelopmentApplication SecurityEngineering and DevelopmentFinanceInformation TechnologyIoT StrategyLegal/General CounselLicensing/Compliance/IP ProtectionMarketing/SalesOperationsProduct ManagementSupportCountry*- Please Select -AfghanistanAlbaniaAlgeriaAndorraAngolaAntiguaArgentinaArmeniaAustraliaAustriaAzerbaijanBahamas, TheBahrainBangladeshBarbadosBarbudaBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBrazilBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaColombiaComorosCongoCosta RicaCote d'IvoireCroatiaCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFaroe IslandsFijiFinlandFranceGabonGambiaGeorgiaGermanyGhanaGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuinea-BissauGuineaGuyanaHaitiHondurasHong KongHungaryIcelandIndiaIndonesiaIraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacauMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMauritaniaMauritiusMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNevisNew ZealandNicaraguaNigerNigeriaNorwayOmanPakistanPalauPanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalPuerto RicoQatarRomaniaRwandaSaint KittsSaint LuciaSaint VincentSamoaSan MarinoSan Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth KoreaSpainSri LankaSurinameSwazilandSwedenSwitzerlandTaiwanTajikistanTanzaniaThailandTobagoTogoTongaTrinidadTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamWallis and FutunaWestern SaharaYemenYugoslaviaZambiaZimbabweState*- Please Select -AlaskaAlabamaArizonaArkansasCaliforniaColoradoConnecticutDelawareFloridaGeorgiaHawaiiIdahoIllinoisIndianaIowaKansasKentuckyLouisianaMassachusettsMarylandMaineMichiganMinnesotaMississippiMissouriMontanaNebraskaNew HampshireNew JerseyNew MexicoNevadaNew YorkNorth CarolinaNorth DakotaOhioOklahomaOregonPennsylvaniaRhode IslandSouth CarolinaSouth DakotaTennesseeTexasUtahVirginiaVermontWashingtonWashington DCWisconsinWest VirginiaWyomingProvince*- Please Select -AlbertaBritish ColumbiaManitobaNew BrunswickNewfoundland and LabradorNorthwest TerritoriesNova ScotiaNunavutOntarioPrince Edward IslandQuebecSaskatchewanYukon TerritoryState*- Please Select -Australian Capital TerritoryNew South WalesNorthern TerritoryQueenslandSouth AustraliaTasmaniaVictoriaWestern AustraliaHiddenCommentsHidden(Hidden fields)Hiddenlead_source Hiddenid Hiddencampaign Hiddenutm_source Hiddenutm_medium Hiddenutm_campaign Hiddenutm_content Hiddenutm_term Hiddenutm_matchtype HiddenCheqRequestID HiddenfirstTouchURL Hidden(Comm notice)optIn I want to receive future communications from Flexera/Revenera and be the first to hear about the latest news and industry insights. You can update your subscription preferences at any time. Your information will be processed in accordance with our Privacy Notice.Please note: By submitting this form you are agreeing to receive additional communications from Revenera. You can update your subscription preferences at any time. Your information will be processed in accordance with our Privacy Notice.NameThis field is for validation purposes and should be left unchanged.