Endor Labs Analyzes SBOMs
Understanding the supply chain of software is becoming a more critical issue on customers’ agendas. The way to accomplish that is by analyzing software bills of materials (SBOMs), which are used to analyze known vulnerabilities in software.
Analyzing SBOMs has become an even more important issue after last year’s discovery of the SolarWinds vulnerability. It presaged the Biden administration’s May 2021 executive order mandating that software publishers doing business with the federal government must publish their SBOMs.
“The federal government will now require software producers to publish what they say is analogous to the list of your ingredients to your technology,” said Nic LaBuz, Endor Labs’ VP of sales.
Endor Labs, which launched in October with $25 million in seed funding, has created what it calls a Dependency Lifecycle Management platform, designed to help developers build open-source applications with fewer dependencies. The platform also identifies vulnerabilities by using indicators of risk to defend against software supply chain attacks.