Safeguard
Topic

SBOM

In-depth guides and analysis on sbom from the Safeguard engineering team.

76 articles

SBOM

SBOM adoption in underwriting and actuarial software

Insurers price risk with software built on unvetted open-source code. Here's how SBOM underwriting software closes that blind spot.

Dec 30, 20257 min read
SBOM

SBOM for automotive ECU firmware and embedded software

How automotive ECU firmware SBOMs help OEMs and suppliers track embedded components, manage vehicle firmware vulnerabilities, and secure OTA updates.

Dec 29, 20257 min read
SBOM

SBOM requirements for industrial control systems (ICS/SCADA)

ICS/SCADA SBOM requirements are colliding with 20-year-old control systems that predate software transparency mandates. Here's what's required, why, and how to close the gap.

Dec 22, 20257 min read
SBOM

Best SBOM management and analysis platforms

A practical buyer's guide to SBOM management platforms in 2026 -- evaluation criteria plus an honest look at six real vendors and where each one falls short.

Nov 19, 20257 min read
SBOM

AI-Generated SBOMs: How Accurate Are They?

LLMs can now generate SBOMs from source code and documentation. We tested five AI SBOM generators against traditional tools to measure accuracy, completeness, and reliability.

Nov 12, 20257 min read
SBOM

Container SBOM Generation: Best Practices for 2025

Container images are multi-layered artifacts that challenge SBOM generators. Here is how to generate comprehensive, accurate SBOMs for containerized applications.

Oct 1, 20256 min read
SBOM

SBOM Interoperability: Bridging CycloneDX and SPDX

Your suppliers send SPDX. Your tools expect CycloneDX. Interoperability between SBOM formats is a real operational challenge. Here is how to solve it.

Sep 10, 20256 min read
SBOM

How Snyk Container generates a Software Bill of Materials...

How Snyk Container statically scans image layers, parses OS package databases and lockfiles, and exports CycloneDX/SPDX SBOMs — mechanically explained.

Sep 5, 20257 min read
SBOM

How Snyk AI-BOM's continuous refresh model differs from a...

How Snyk's AI-BOM keeps model and dataset inventories current through continuous refresh, and why that differs mechanically from a point-in-time static SBOM export.

Aug 20, 20258 min read
SBOM

Binary SBOM Analysis: Creating Software Bills of Materials Without Source Code

Not all software comes with source code. Binary analysis techniques can extract component information from compiled artifacts, firmware, and commercial software to produce SBOMs where traditional tools cannot.

Aug 8, 20257 min read
SBOM

SBOM Quality Metrics: Moving Beyond Completeness

Most SBOM quality discussions stop at completeness. Real quality requires measuring accuracy, freshness, depth, and actionability. Here is a practical framework.

Aug 1, 20256 min read
SBOM

Why 'We Have an SBOM' Isn't the Same as 'We Are Secure'

An SBOM tells you what's in your software, not whether it's safe. Here's why inventory alone can't stop supply chain attacks like XZ Utils or SolarWinds.

Jul 30, 20257 min read
SBOM (Page 4) — Supply Chain Security Blog | Safeguard