Glossary · Vulnerability Management

SBOM

Also known as: Software Bill of Materials

Software Bill of Materials — machine-readable inventory of components and dependencies in a build.

An SBOM (typically SPDX or CycloneDX) lists every component, version, and supplier in a software artefact. In automotive cybersecurity it is the join key for vulnerability monitoring: a new CVE affecting a third-party library can be traced to every ECU build that includes it.
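The join described above, as an added Python example (not code from this glossary or from any product it mentions): it indexes CycloneDX-shaped SBOMs by component name and returns the ECU builds that ship an affected version, including components nested under another component. The ECU names, library names, versions and the advisory are constructed, and matching on exact version strings rather than version ranges is an assumption.

```python
from collections import defaultdict

def bom(name, version, components):
    """Build a minimal CycloneDX-shaped document (constructed sample data)."""
    return {"bomFormat": "CycloneDX", "specVersion": "1.5",
            "metadata": {"component": {"name": name, "version": version}},
            "components": components}

def lib(name, version, nested=()):
    """One library entry; CycloneDX lets a component carry nested components."""
    return {"type": "library", "name": name, "version": version,
            "components": list(nested)}

# Constructed SBOMs for three hypothetical ECU builds.
SBOMS = [
    bom("gateway-ecu", "4.2.0", [lib("examplelib", "1.0.2"), lib("zparse", "2.1.0")]),
    bom("telematics-ecu", "7.0.1", [lib("netstack", "3.3.0", [lib("examplelib", "1.0.4")])]),
    bom("cluster-ecu", "1.9.0", [lib("zparse", "2.1.0")]),
]

def walk(components):
    """Yield every component, including ones nested under another component."""
    for c in components or []:
        yield c
        yield from walk(c.get("components"))

def build_index(sboms):
    """Map component name -> {(version, build id)} across all SBOMs."""
    index = defaultdict(set)
    for doc in sboms:
        if doc.get("bomFormat") != "CycloneDX":
            continue  # SPDX or unknown format: needs its own parser
        top = doc["metadata"]["component"]
        build = f'{top["name"]}@{top["version"]}'
        for c in walk(doc.get("components")):
            index[c["name"].lower()].add((c.get("version"), build))
    return index

def affected_builds(index, component, vulnerable_versions):
    """Return the sorted builds that ship a vulnerable version of component."""
    return sorted(b for v, b in index.get(component.lower(), ())
                  if v in vulnerable_versions)

if __name__ == "__main__":
    idx = build_index(SBOMS)
    # Hypothetical advisory: examplelib 1.0.2 and 1.0.4 are affected.
    print(affected_builds(idx, "examplelib", {"1.0.2", "1.0.4"}))
```

A build whose SBOM omits nested or transitive components will not appear in the result, so the coverage of this lookup is only as good as the SBOM generation step.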
