Manifest Cyber (@manifestcyber)'s Twitter Profile
Manifest Cyber

@manifestcyber

Security startup helping organizations with their end-to-end #SBOM lifecycle to reduce their supply chain risk. Know what you're made of. manifestcyber.com

ID: 1528925160388042753

24-05-2022 02:26:13

31 Tweet

84 Followers

19 Following

Manifest Cyber (@manifestcyber):

Why do #SBOM suppliers maintain that they can’t make their SBOMs public because there’s info they don’t want to disclose? What IP is in the name and versions of the software you’re using? Defeats the point of SBOMs bringing transparency to the market

Manifest Cyber (@manifestcyber):

Go check to see if you're using Apache Commons Text! Fortunately, for our customers, this is a single search to identify if they have any first- or third-party assets running (any version of) ACT. This is how you can make use of #SBOMs.

Manifest Cyber (@manifestcyber):

Saddened to hear about the layoffs at #Snyk. If any Snyk employees are looking to join a rapidly growing company in the software supply chain / #SBOM space, DM us! Looking for engineers, PMs, and TAM/SE roles.

Manifest Cyber (@manifestcyber):

It's amazing how many #SBOM generators don't generate SBOMs that match the original spec (e.g. CycloneDX SBOM Spec (OWASP) or SPDX). If a field says 'required'.... JUST MAKE SURE IT EXISTS. (especially the SPDX 'DESCRIBES' field). </rant>

Manifest Cyber (@manifestcyber):

Even better when you see how some "#SBOMs" are actually maintained by federal vendors. We've seen text files, Excel files, and other cringe-worthy examples. None of which make it easy for USG to reduce their risk!

Manifest Cyber (@manifestcyber):

A sad anniversary indeed. L4J was (regrettably) part of our origin story, and we built a tool that we wished we had back then. It ruined so many folks' holidays, we (not so seriously) joke that our mission at Manifest is to use #SBOM to #SaveTheHolidays.

Manifest Cyber (@manifestcyber):

We're incredibly honored and excited to be part of this fantastic SVIP cohort to push forward all things #sbom. Can't wait to get started!

It's 5:05 (@its505pm):

🎧 Listen to the full episode of “daBOM: SBOMs - Where do we put these things?” with Daniel Bardenstein and DJ Schleen talking about the next phase for Software Bill of Materials: daBOM.show/daniel-bardens… @djschleen Manifest Cyber #sbom Slack

Satya Patel (@satyap):

Excited to share news about our investment in Manifest Cyber, a team deep in security helping businesses understand vulnerabilities in open source software embedded in their products. Every company should be managing SBOMs and Manifest will help them do it axios.com/2023/05/18/man…

Julia Govberg (@juliagovberg):

Congrats to the Manifest Cyber team for their launch🎉! Manifest reduces software supply chain risk by automatically monitoring SBOMs to find the vulnerabilities embedded in your software & alert you before you even know there’s an issue. Learn more: axios.com/2023/05/18/man…

Patrick C Miller (@patrickcmiller):

Stoked to share this new business alliance announcement with Manifest Cyber. Best-in-class ICS/OT cybersecurity consulting combined with expert SBOM and supply chain security. Check it out.