Codenotary unveils SBOMcenter to ensure software supply chain security
Codenotary has unveiled SBOMcenter, providing a central, secure place for software producers and consumers to freely generate, store and share Software Bills of Materials (SBOMs).
In May 2021, the US government issued an executive order requiring federal agencies to adopt SBOMs, which is driving the widespread adoption in the private sector as well. According to a recent report from Gartner, by 2025, 60% of all companies will use SBOMs.
However, implementing SBOMs can be a complex process and may require changes to existing software development and procurement practices. Codenotary’s new SBOMcenter provides the first centralized secure storage for SBOMs, as well as the ability for the software to self create SBOMs so they are always up-to-date.
“This solves the biggest problem with SBOMs today by providing a central source for maintaining up-to-date versions that are tamper-proof and can be shared with authorized users,” said Dennis Zimmer, CTO, Codenotary.
“To derive value from SBOMs, they can’t just be static documents that are stored on a computer somewhere. SBOMcenter is the central exchange of secure SBOMs between software producers and software consumers by sharing a link to the SBOM for easy access to up-to-date information,” Zimmer continued.
The free trial version of SBOMcenter provides centralized storage of all SBOMs, which can be imported and exported from and to any standard format.
Codenotary is providing free use of SBOMcenter in this preview version. Additional features to further enhance security of the software supply chain are planned in the next version soon. Those will include vulnerability scanning, risk exposure scoring, alerts on newly discovered vulnerabilities, and enforcement through a DevOps pipeline.
SBOMcenter enables enterprises to implement SBOMs as part of their software supply chain management practices by streamlining the process of generating, updating, verifying, enriching and sharing SBOMs to enhance security.
SBOMcenter makes it easy for enterprises to derive value from SBOMs with an easy path to even greater value by identifying potential vulnerabilities or compliance issues in their software supply chains, understanding security risks, plus alerts on new vulnerabilities which all enable enterprises to lockdown their software supply chain for greater security.