Gartner Report: Innovation Insight for SBOMs
Contrast Security named as a Representative Provider for offering Commercial SBOM Tools.
“The lack of visibility and transparency into proprietary and open-source dependencies within the software supply chain exacerbates security and compliance risks.” – Gartner®
The Log4j saga reminded us that security gaps within the software supply chain can have a devastating impact on your business. As a result, maintaining a software bill of materials (SBOM) has become a popular topic of conversation. SBOMs improve the visibility, transparency, security and integrity of proprietary and open-source code in software supply chains. To realize these benefits, software engineering leaders should integrate SBOMs throughout the software delivery life cycle.
Download this Gartner report to learn how SBOMs can help:
- Build a list of “ingredients” of third-party and proprietary software that is imported, built, and consumed by development teams across the organization
- Flag vulnerable software packages that create security gaps in your software supply chain
- Keep your software inventory current every time new changes are introduced
- Define repeatable processes and governance to continuously verify software integrity and alert key stakeholders
Gartner is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner, Innovation Insight for SBOMs, Manjunath Bhat, Dale Gardner, Mark Horvath, 14 February 2022