Safeguard
Topic

SBOM

In-depth guides and analysis on sbom from the Safeguard engineering team.

76 articles

SBOM

SBOM API Integration Patterns for Development Teams

SBOMs locked in files are static inventory. SBOMs exposed through APIs become live infrastructure. Here's how to build the integration layer.

Jan 25, 20245 min read
SBOM

SBOMs for Embedded Systems: Firmware Transparency

Embedded devices run for decades and rarely get patched. SBOMs bring transparency to firmware that the IoT industry desperately needs.

Oct 18, 20236 min read
SBOM

SBOM Storage and Distribution Infrastructure

Generating SBOMs is solved. Storing, versioning, and distributing them at scale is the next engineering challenge.

Sep 25, 20236 min read
SBOM

SBOM for the Gaming Industry: Why Game Studios Need Software Transparency

Game studios ship millions of lines of code with complex dependency chains across engines, middleware, and third-party SDKs. SBOMs are not just a compliance tool — they are an operational necessity.

Sep 20, 20235 min read
SBOM

Automated SBOM Drift Detection: When Your Bill of Materials Goes Stale

An SBOM that does not match what is actually deployed is worse than no SBOM at all. Here is how to detect and prevent SBOM drift automatically.

Jun 28, 20237 min read
SBOM

SBOMs for Mobile Applications: iOS and Android

Mobile apps ship to millions of devices and can't be patched silently. Here's how to build SBOM practices for iOS and Android development.

Jun 15, 20236 min read
SBOM

SBOM Validation and Quality Checks: Ensuring Your SBOMs Are Actually Useful

A syntactically valid SBOM can still be useless. Here's how to validate structure, completeness, and accuracy to produce SBOMs worth trusting.

May 22, 20236 min read
SBOM

SBOMs for Serverless Applications: What Changes and What Doesn't

Serverless doesn't mean dependency-free. Here's how to generate and manage SBOMs for Lambda functions, Azure Functions, and Cloud Functions.

Feb 12, 20236 min read
SBOM

SBOM Format Conversion: Tools and Techniques

Your supplier sends SPDX, your platform expects CycloneDX. Here's how to convert between SBOM formats without losing critical data.

Jan 18, 20236 min read
SBOM

Generating SBOMs from Container Images: A Practical Guide

Container images are opaque by default. Here's how to crack them open with SBOMs to see exactly what's running in production.

Oct 8, 20227 min read
SBOM

Building an SBOM Program from Scratch: A Practical Guide

Standing up an SBOM program is more than picking a tool. This guide covers organizational buy-in, tooling selection, automation, and scaling from your first BOM to enterprise-wide adoption.

Sep 20, 20227 min read
SBOM

SPDX Specification: A Practical Guide for Security Teams

SPDX is the ISO-standardized SBOM format. Here's how to use it effectively for security, not just license compliance.

Sep 15, 20226 min read
SBOM (Page 6) — Supply Chain Security Blog | Safeguard