Tag
spdx
Safeguard articles tagged "spdx" — guides, analysis, and best practices for software supply chain and application security.
52 articles
SBOM
SBOM Format Conversion: Tools and Techniques
Your supplier sends SPDX, your platform expects CycloneDX. Here's how to convert between SBOM formats without losing critical data.
Jan 18, 20236 min read
SBOM
SPDX Specification: A Practical Guide for Security Teams
SPDX is the ISO-standardized SBOM format. Here's how to use it effectively for security, not just license compliance.
Sep 15, 20226 min read
Compliance & Regulations
SBOM Formats Compared: CycloneDX vs SPDX in 2022
Two SBOM standards are competing for adoption. CycloneDX and SPDX take fundamentally different approaches to describing software components. Here's what matters when choosing between them.
Feb 5, 20225 min read
Compliance & Regulations
Understanding SBOM Requirements Under EO 14028
Executive Order 14028 mandates SBOMs for federal software procurement. Here's a practical breakdown of what's required, what formats to use, and how to get compliant.
Jun 1, 20216 min read