Why CISOs should automate SBOM management with AI | TechTarget
valerybrozhinsky - stock.adobe.c
Modern software runs on open source. Nearly all codebases -- 98% -- contain open source code, according to a 2026 report from cybersecurity vendor Black Duck, which scanned 947 codebases and analyzed nearly 3,000 individual projects between November 2024 and October 2025. Those open source components change constantly as maintainers ship patches, fixes and new versions.
A software bill of materials (SBOM) captures a snapshot of that inventory, so organizations can find and patch vulnerabilities quickly. The moment a developer merges a dependency update or a build pulls a new version, the document drifts from reality. A stale SBOM gives false confidence and slows the enterprise response when a vulnerability lands.
Regulation raises the stakes. Under the EU Cyber Resilience Act, beginning Sept. 11, 2026, organizations must report actively exploited vulnerabilities. By Dec. 11, 2027, manufacturers of products with digital elements must include machine-readable SBOMs in their...
Copyright of this story solely belongs to techtarget.com. To see the full text click HERE