SOFTWARE COMPOSITION ANALYSIS
Software Bill of Materials (SBOM)
Easily and Quickly Build an Accurate Inventory
Intelligence at your fingertips is essential to successful software development and application security. Are you able to produce a precise inventory report of what’s in your code? Does that include all subcomponents, hidden dependencies, and associated licenses?
Producing a comprehensive Bill of Materials is perhaps one of the most important actions for development teams. You can use it to modify open source policies and quickly react to published vulnerabilities. A BOM lets you know exactly what’s in your code.
WIND RIVER SYSTEMS
Code Insight automates much of the discovery of OSS, but more importantly we provide the evidence to find and report all the open source components used by your developers, even if those components have been heavily modified.
Example of a Bill of Materials produced using Code Insight
- Eliminate time-intensive manual efforts that take developers away from critical development cycles
- End-to-end visibility allows you to stay in control of your open source use
- Keep buyers and customers up-to-date on what code exists in what they’re buying
- Export your SBOM in formats such as SPDX-2.2, json, xlsx, xml, html, pdf, or txt
- Easily share your SBOM with customers and partners, supporting a more secure and transparent software supply chain
- Roll out patches and bug fixes in a timely manner
- Stay 100% prepared for any software audits
- Rapid insight to action when new vulnerabilities are announced
CODE INSIGHT — INTELLIGENCE MEETS SIMPLICITY.
An Inventory At Your Fingertips
At any given time your CEO, board of directors, legal counsel, or a customer can inquire about what’s in your software. How quickly can you get your hands on that list?
Balance Business Benefits with the Right Amount of Risk Management.
According to Gartner, by 2024, the provision of a detailed, regularly updated software bill of materials by software vendors will be a non-negotiable requirement for at least half of enterprise software buyers.