The Software Bill of Materials (BOM)
Easily and Quickly Build an Accurate Open Source Inventory
Intelligence at your fingertips is essential to successful software development and application security. Are you able to produce a precise open source inventory report of what’s in your code? Does that include all subcomponents, hidden dependencies, and associated licenses?
Producing a comprehensive Bill of Materials is perhaps one of the most important actions for development teams. You can use it to modify open source policies and quickly react to published vulnerabilities. A BOM lets you know exactly what’s in your code.
WIND RIVER SYSTEMS
FlexNet Code Insight automates much of the discovery of OSS, but more importantly we provide the evidence to find and report all the open source components used by your developers, even if those components have been heavily modified.
Example of a Bill of Materials produced using FlexNet Code Insight
- Eliminate time-intensive manual efforts that take developers away from critical development cycles
- End-to-end visibility allows you to stay in control of your open source use
- Keep buyers and customers up-to-date on what code exists in what they’re buying
- Export your SBOM in formats such as SPDX-2.2, json, xlsx, xml, html, pdf, or txt
- Easily share your SBOM with customers and partners, supporting a more secure and transparent software supply chain
- Roll out patches and bug fixes in a timely manner
- Stay 100% prepared for any software audits
- Rapid insight to action when new vulnerabilities are announced
FLEXNET CODE INSIGHT — INTELLIGENCE MEETS SIMPLICITY.
An Inventory At Your Fingertips
At any given time your CEO, board of directors, legal counsel, or a customer can inquire about what’s in your software. How quickly can you get your hands on that list?
2021 will be the year of the automated Software Bill of Materials
Driven in large part by a broadening array of stakeholders who need to access to its contents, we’ll see the siloed approach to building an SBoM and static way of viewing the information in it evolve to an automated, collaborative, and dynamic process.
2021 Open Source License Compliance Report
In this report, Revenera compiled license compliance and vulnerability data from 2020 audit services projects to create a snap shot of the state of open source compliance in the industry today.
2021 Open Source Governance: Top Ten Trends and Predictions
Alex Rybak, Director of Product Management at Revenera, and Russ Eling, founder and CEO of OSS Engineering Consultants, share their top 10 open source usage, license compliance and security insights for 2021.
Balance Business Benefits with the Right Amount of Risk Management.
According to Gartner, by 2024, the provision of a detailed, regularly updated software bill of materials by software vendors will be a non-negotiable requirement for at least half of enterprise software buyers.