How to Create a Software Bill of Materials

SBOMs give a complete inventory of the application in question: every open source component, its license and version, and its known vulnerabilities. The one caveat is that tools like syft only generate the SBOM itself, and that output doesn't include vulnerability data.
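To make the inventory and the caveat concrete, here is an added example (not from the article or the syft project) that reads a CycloneDX JSON SBOM, the format syft can emit, lists each component's name, version, purl and license, and reports whether the document carries any vulnerability data at all. The sample document is constructed for this example and its package names are assumptions.

```python
"""Inventory a CycloneDX SBOM and report whether it carries vulnerability data."""
import json

# Constructed sample in the shape of a CycloneDX 1.4 document, trimmed to the
# fields used below. It is not real syft output; the packages are assumptions.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "name": "requests", "version": "2.31.0",
         "purl": "pkg:pypi/requests@2.31.0",
         "licenses": [{"license": {"id": "Apache-2.0"}}]},
        {"type": "library", "name": "urllib3", "version": "2.0.7",
         "purl": "pkg:pypi/urllib3@2.0.7",
         "licenses": [{"license": {"id": "MIT"}}]},
        # A component with no license declared: the inventory must not hide it.
        {"type": "library", "name": "internal-utils", "version": "0.3.0"},
    ],
})


def component_licenses(component):
    """Collect the SPDX ids (or free-text names) declared for one component."""
    ids = []
    for entry in component.get("licenses", []):
        lic = entry.get("license", {})
        ids.append(lic.get("id") or lic.get("name") or "UNKNOWN")
    return ids or ["UNKNOWN"]


def inventory(sbom_text):
    """Return (rows, has_vuln_data) for a CycloneDX JSON document.

    rows is one (name, version, purl, licenses) tuple per component.
    has_vuln_data is True only when the top-level `vulnerabilities` array
    (CycloneDX 1.4+) is present and non-empty; a pure SBOM generator leaves
    it out, so a separate vulnerability scan is still required.
    """
    doc = json.loads(sbom_text)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    rows = [
        (c.get("name", "?"), c.get("version", "?"), c.get("purl", ""),
         component_licenses(c))
        for c in doc.get("components", [])
    ]
    return rows, bool(doc.get("vulnerabilities"))
```

Running `inventory(SAMPLE_SBOM)` on the sample returns three components and `False` for vulnerability data, which is exactly the state a freshly generated SBOM is in before any scanner has been run over it.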

Read full article on The New Stack