SBOM Executive Order

Are You Prepared for the Federal Government’s Cybersecurity Executive Order?

Today’s software supply chain is complex, and it’s under attack. 2021 is on course to be a record year with zero days reported without an incident.


WHAT’S IN THE EXECUTIVE ORDER

  • Any software provider that sells software into the federal government must provide a Software Bill of Materials (SBOM)
  • Evidence of regulatory compliance, including using tools to check code for vulnerabilities regularly and producing artifacts related to that testing
  • Ensuring software development processes include measures to secure the build environment
  • Proof of integrity of open source code use
  • Proof of, or plans for, securing legacy software

More on the Executive Order in our blog post


SBOMS PROVIDE MANY BENEFITS BEYOND COMPLIANCE

  • Eliminate time-intensive manual efforts that take developers away from critical development cycles
  • End-to-end visibility allows you to stay in control of your open source use
  • Keep buyers and customers up-to-date on what code exists in what they’re buying
  • Roll out patches and bug fixes in a timely manner
  • Stay 100% prepared for any software audits
  • Efficiently track the open source through the supply chain
  • Create absolute transparency and control
  • Rapid insight to action when new vulnerabilities are announced

An Inventory At Your Fingertips

At any given time your CEO, board of directors, legal counsel, or a customer can inquire about what’s in your software. How quickly can you get your hands on that list?


READY TO LEARN MORE?

Webinar

Incorporating Software Composition Analysis into Your Secure Application Strategy

If you are in software development, security, or compliance, sign up to listen to this webinar to learn more about implementing software composition analysis to manage additional risk associated with building and shipping software applications.

Report

Aberdeen Knowledge Brief. Open Source, With Eyes Wide Open

In this Knowledge Brief, Aberdeen reports that nearly half of security-related issues uncovered in nearly 200 audit projects had a high severity rating. Find out more.

Trial

FlexNet Code Aware

FlexNet Code Aware detects what you can't see in your open source code, from security threats to intellectual property and compliance issues. Download it now and try it out for free.


Balance Business Benefits with the Right Amount of Risk Management.

According to Gartner, by 2024, the provision of a detailed, regularly updated software bill of materials by software vendors will be a non-negotiable requirement for at least half of enterprise software buyers.