First published: 04 Sep 2025
Last updated: 04 Sep 2025

Content written for

Small & medium business
Large organisations & infrastructure
Government

Today, in collaboration with international partners, we have released guidance to inform organisations that procure, produce or operate software about the advantages of integrating a Software Bill of Materials (SBOM). Widespread adoption of SBOMs will strengthen security, reduce risk, and decrease costs.

An SBOM is a formal record of the details and supply chain relationships of various components used in building software – like a ‘list of ingredients’ for software. SBOMs help address challenges in securing software because they provide visibility of the components of software.

Identifying and responding to vulnerabilities is a key step in developing secure software and limiting risks throughout the software lifecycle. Using an SBOM means organisations can respond to vulnerabilities more quickly and efficiently, with tailored mitigations to address specific risks.

With SBOM data, software producers and operators can map the software’s dependencies to relevant lists of existing vulnerabilities and track new vulnerabilities that may arise.

An SBOM also documents information about software dependencies, enabling greater visibility across an organisation’s software supply chain and enterprise system. This allows organisations to improve:

  • risk management practices – particularly vulnerability management and supply chain management
  • software development processes
  • license management.

Learn more about securing software through A Shared Vision of Software Bill of Materials for Cybersecurity.
