Your Source for Software
Supply Chain Insights

This is where you’ll find out about our latest obsessions, tips and tricks, insights on what we’ve been working on and where IoT and software supply chain security is going.

Thought Leadership

Technical Deep Dive

Actionable Guidance

SBOMs HBOMs AIBOMs and CBOMs – The New Foundation of Cyber Resilience

Discover how Software Bills of Materials (SBOMs) boost software supply chain security by enhancing visibility, automating vulnerability management, and speeding incident response and compliance.

Dawn breaks over Marblehead

Facts alone can't drive cybersecurity change: SBOM adoption stalls as bias, emotion, and storytelling matter.

Software Transparency Call to Action

SBOM Management: Strengthening Software Supply Chain Security

PCI DSS 4.0, SBOMs, a 2025 Readiness Guide

PCI DSS 4.0 adds SBOM mandates: keep full software inventories (6.3.2) and fix every scan finding (11.3.1.1) by 31 Mar 2025, automate your SBOM tracking now.

Prevent Bad Actors from Hacking your SBOM

Fortify SBOM integrity with CycloneDX signing, hash validation, and continuous monitoring against omission spoofing and tampering essential for connected device compliance.

ETSI 303 645: SBOM & AI Hardware Cryptography BOMs + VEX Boosts IoT Security and EU CRA Compliance

The Importance Of Validation In SBOM Generation

Tern is an open source software composition analysis and SBOM generation tool that generates SBOMs from container images. However, upon running this tool and generating a CycloneDX SBOM, a problem arose.

The Power of SBOMs: Building Resilience in Our Critical Infrastructure

As a member of the PCAST Working Group on Cyber-Physical Resilience, I was involved in crafting the recent report outlining crucial steps to fortify the intricate systems that underpin our daily lives. One of our key recommendations, "Recommendation 4B: Promote Supply Chain

Revolutionizing Healthcare Security: Health-ISAC and Cybeats Partnership in SBOM use-cases

Notably, the Health Information Sharing and Analysis Center (Health-ISAC) is entering into a partnership with Cybeats, a leading software supply chain intelligence company, marking a substantial advancement in healthcare cybersecurity.

Charting FDA's Course: SBOM as the North Star in Cybersecurity

FDA SBOM guidance positions SBOMs as a compliance framework for medical devices, enabling traceability, regulatory alignment, and vulnerability management.

Unlocking the Potential: How SBOM Practices Revolutionize Tech Industries

National Cybersecurity Strategy Implementation Plan (NCSIP) - Doubling Down on SBOM’s

We recently saw the publication of the National Cybersecurity Strategy Implementation Plan (NCSIP)

Unlock Compliance Excellence: Harness the Power of an SBOM to Conquer Import and Export Controls, Including OFAC Regulations.

Last month I wrote about using a Software Bill of Material (SBOM) as a valuable tool for managing cybersecurity risk.

Integrating SBOMs and Risk for Enhanced Cybersecurity Management

I’ve noticed that conversations on Software Bills of Materials (SBOMS) generally discuss what they are.

Top 7 SBOM Generation Tools and How to Choose

SBOM (Software Bill of Materials) is a comprehensive list of all the components that make up a piece of software

What Is an SBOM Generator and How and When Should You Generate SBOMs?

An SBOM generator is a tool or software that automatically creates a Software Bill of Materials (SBOM) for a software application.

What Is Executive Order 14028, Who Is Affected and How to Comply

On May 12, 2021, U.S. president Joe Biden issued an executive order on “Improving the Nation’s Cybersecurity”

What is an SBOM (Software Bill of Materials)?

An SBOM (Software Bill of Materials) is a comprehensive and detailed list of all the software components

How VEX supercharges SBOMs for a more secure software supply chain

Open-source code remains a concerning and ongoing source of vulnerability in the

Why SBOMs are critical to complying with the EU Cyber Resilience Act

With global annual cost of cybercrime topping $6 trillion in 2021

Cybeats named by Gartner® as a Representative Vendor for SBOM Management tech in latest 2022 Emerging Tech Report

We believe Cybeats being recognized by Gartner further validates the leadership

5 Key takeaways from Microsoft and Google’s webinar on SBOM

Microsoft & Google SBOM webinar: automation, supply chain visibility, vulnerability prioritization, compliance best practices, and collaboration insights.

FDA cybersecurity guidance for medical devices

In April 2022, the Food and Drug Administration (FDA) and the Center for Devices and Radiological Health (CDRH) jointly published new guidance.

Security and Risk Report by Independent Research Firm

Cybeats is named in Forrester’s Planning Guide 2023, Security and Risk, released on August 23rd, 2022. Forrester, is one of the most reputable global research organizations.

What Could Possibly Go Wrong?

Common SBOM pitfalls: avoid incomplete inventories, outdated SBOMs, and ensure compliance with best practices for SBOM generation and vulnerability management.

Mesopotamian Roots of SBOM

We could blame Hammurabi for software supply chain hacking

Talking About Supply Chain Security

Software producers and consumers are actively implementing or pondering

Critical Infrastructure Protection: Risks and Best Practices

Critical infrastructure protection (CIP) involves securing networks, assets, and systems that must operate continuously to ensure the health and safety of regions, countries, or economies.

Medical Device Security: The Basics and 4 Best Practices

Medical device security refers to practices and techniques that can prevent attacks against medical devices. Attacks may involve unauthorized access or control of medical devices.

What is IoT Device Security? - Understanding IoT Device Security

IoT device security tools and best practices aim to provide coverage against IoT threats. As more sensitive data is stored on IoT devices, security becomes more complex.

Dmitry Raidman

CTO & Co-founder