Is There Really an SBOM Mandate?

H.1301 (Cornil) | Day 1 | 11:00 - 11:25 | Speakers: Bradley M. Kuhn

Abstract

A consistent mantra of the Software Bill Of Materials (SBOM) ballyhoo is that government entities around the world have mandated SBOMs in various places. From USA POTUS Executive Orders, to EU Directives, to USA NIST whitepapers, it's often been repeated that these sources make SBOMs a mandatory requirement.

Let's do a deep dive into the source material and find out what these various orders and directives actually say, and figure out what's really mandated.

Speakers

Bradley M. Kuhn
