Safeguard
Tag

sbom-compliance

Safeguard articles tagged "sbom-compliance" — guides, analysis, and best practices for software supply chain and application security.

8 articles

SBOM & Compliance

What is a Software Bill of Materials workflow (SPDX/SBOM)...

A practical breakdown of SPDX-based SBOM compliance workflows — NTIA rules, EU CRA and FDA deadlines, where Black Duck falls short, and how continuous SBOM generation closes the gap.

Jun 13, 20268 min read
SBOM & Compliance

SBOM and Compliance: Generating and Exporting Software Bi...

Regulators now require SBOMs from federal vendors, medical device makers, and soon every EU digital product. Here's how SBOM generation tools actually compare on accuracy, format, and export.

May 15, 20267 min read
SBOM & Compliance

Cyber Resilience Act (CRA) Compliance for Software Vendors

CRA reporting duties start Sept 2026; fines reach 2.5% of global turnover. What software vendors must do for SBOMs, vulnerability reporting, and audits.

May 15, 20268 min read
SBOM & Compliance

FedRAMP for AppSec Tools: What It Means for Government So...

FedRAMP 20x now demands machine-readable SBOM and vulnerability evidence, not static reports. Here's what changed, what it costs, and where Endor Labs stands.

May 15, 20267 min read
Open Source Security

Building an SBOM that meets NTIA minimum elements

A field-by-field breakdown of NTIA's SBOM minimum elements, who's legally required to meet them in 2026, and why conformant fields don't guarantee real dependency coverage.

May 9, 20267 min read
SBOM & Compliance

FDA SBOM requirements under Section 524B for medical devi...

What Section 524B means for medical device makers: FDA SBOM requirements, premarket cybersecurity guidance, and how to avoid a Refuse to Accept letter.

Jan 2, 20267 min read
SBOM & Compliance

SBOM requirements under DoD software supply chain risk ma...

A practical breakdown of DoD SBOM requirements — where they came from, how Software Fast Track enforces them, and what happens when contractors can't produce one.

Dec 27, 20257 min read
Compliance

EU Cyber Resilience Act: Final Text Analysis and Compliance Roadmap

The EU Cyber Resilience Act was finalized in 2024, mandating cybersecurity requirements and SBOMs for products with digital elements. Here is what the final text requires and how to prepare.

Oct 10, 20247 min read
sbom-compliance — Safeguard Blog