Authoritative Guide to SBOM

Implement and Optimize use of Software Bill of Materials


Appendix B: References

The following resources may be useful to users and adopters of this standard:

  • NTIA Multistakeholder Process on Software Component Transparency, Framing Working Group. (21 October 2021). Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM), Second Edition.
  • NTIA. (12 July 2021). The Minimum Elements for Software Bill of Materials.
  • The White House. (12 May 2021). Executive Order on Improving the Nation’s Cybersecurity.

  • SPDX License IDs
  • SPDX License List
  • OpenChain
  • OWASP CycloneDX
  • OWASP CycloneDX Tool Center
  • OWASP CycloneDX BOM Repository Server
  • OWASP Dependency-Track
  • OWASP Software Component Verification Standard (SCVS)
  • OWASP Software Component Verification Standard (SCVS) BOM Maturity Model