
SBOM Security Checklist for DevSecOps

Table of contents

  1. Generate SBOM for your software
  2. Validate the generated SBOM
  3. Integrate SBOM generation in CI/CD pipeline
  4. Regularly update the SBOM tools
  5. Review and analyze SBOM for vulnerabilities
  6. Ensure SBOM is comprehensive and includes all components
  7. Protect SBOM data with proper access controls
  8. Monitor and update SBOM for each release

A list of SBOM best practices for DevSecOps, each with the command or action that implements it.

Generate SBOM for your software

cyclonedx-bom -o sbom.xml

Validate the generated SBOM

bom-validator sbom.xml
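A validator that only checks schema conformance will accept an SBOM that is technically well-formed but useless for downstream analysis (components without versions, malformed or duplicated package URLs, no metadata.component naming the product). The following is an added example, not code from this page or from any SBOM tool; it performs those structural checks on a CycloneDX JSON document. The accepted spec versions, the sample SBOM and the check list are assumptions chosen for illustration.

```python
"""Structural sanity check of a CycloneDX JSON SBOM (added example, not the page's own code)."""
from __future__ import annotations

import json
import re
import sys

# Assumption: the spec versions a team chooses to accept in its pipeline.
SUPPORTED_SPEC_VERSIONS = {"1.4", "1.5", "1.6"}
# A package URL always starts with "pkg:" followed by a type and a slash.
PURL_RE = re.compile(r"^pkg:[a-z0-9.+-]+/")


def validate_cyclonedx(sbom: dict) -> list[str]:
    """Return a list of findings; an empty list means the SBOM passed every check."""
    findings: list[str] = []
    if sbom.get("bomFormat") != "CycloneDX":
        findings.append("bomFormat must be 'CycloneDX'")
    if sbom.get("specVersion") not in SUPPORTED_SPEC_VERSIONS:
        findings.append(f"unsupported specVersion: {sbom.get('specVersion')!r}")
    if not str(sbom.get("serialNumber", "")).startswith("urn:uuid:"):
        findings.append("serialNumber missing or not a urn:uuid")
    if "component" not in sbom.get("metadata", {}):
        findings.append("metadata.component (the software the SBOM describes) is missing")

    seen_purls: set[str] = set()
    for i, comp in enumerate(sbom.get("components", [])):
        label = comp.get("name") or f"components[{i}]"
        for field in ("name", "version", "type"):
            if not comp.get(field):
                findings.append(f"{label}: missing {field}")
        purl = comp.get("purl")
        if not purl or not PURL_RE.match(purl):
            findings.append(f"{label}: missing or malformed purl")
        elif purl in seen_purls:
            findings.append(f"{label}: duplicate purl {purl}")
        else:
            seen_purls.add(purl)
    return findings


def validate_file(path: str) -> list[str]:
    """Load a CycloneDX JSON file from disk and validate it."""
    with open(path, encoding="utf-8") as fh:
        return validate_cyclonedx(json.load(fh))


# Constructed sample: one good component, one without a version, one with a bad purl.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
    "version": 1,
    "metadata": {"component": {"type": "application", "name": "example-app", "version": "1.0.0"}},
    "components": [
        {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
        {"type": "library", "name": "urllib3", "purl": "pkg:pypi/urllib3@2.2.1"},
        {"type": "library", "name": "idna", "version": "3.6", "purl": "not-a-purl"},
    ],
}

if __name__ == "__main__":
    # Usage: python check_sbom.py sbom.json  (falls back to the constructed sample)
    problems = validate_file(sys.argv[1]) if len(sys.argv) > 1 else validate_cyclonedx(SAMPLE_SBOM)
    for problem in problems:
        print("FAIL:", problem)
    sys.exit(1 if problems else 0)
```

The script exits non-zero when any finding is present, so it can sit directly after the generation step as a pipeline gate; run it in addition to, not instead of, a schema validator.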

Integrate SBOM generation in CI/CD pipeline

Add SBOM generation step in CI/CD script

Regularly update the SBOM tools

pip install --upgrade cyclonedx-bom

Review and analyze SBOM for vulnerabilities

sbom-analyzer sbom.xml
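Whatever analyzer is used, the core of the review step is the same: take each component's package URL, look up advisories for that package, and compare the installed version against the first fixed version. The block below is an added example, not code from this page or from any analyzer; the advisory list is constructed for illustration (the identifiers are placeholders, not real CVE numbers), and version comparison is deliberately limited to plain dotted numeric versions.

```python
"""Match SBOM components against an advisory feed (added example, not the page's own code)."""
from __future__ import annotations

import re

# Constructed advisories: package coordinates (purl without a version) and the
# first version that contains the fix. Identifiers are placeholders.
ADVISORIES = [
    {"id": "EXAMPLE-ADV-001", "purl": "pkg:pypi/requests", "fixed_in": "2.31.0"},
    {"id": "EXAMPLE-ADV-002", "purl": "pkg:pypi/urllib3", "fixed_in": "2.2.2"},
    {"id": "EXAMPLE-ADV-003", "purl": "pkg:npm/lodash", "fixed_in": "4.17.21"},
]


def version_key(version: str) -> tuple[int, ...]:
    """Comparable key for dotted numeric versions ('2.2.1' -> (2, 2, 1)).

    Pre-release suffixes are not modelled; a real analyzer should use a
    PEP 440 or semver implementation for the ecosystem in question.
    """
    return tuple(int(part) for part in re.findall(r"\d+", version))


def split_purl(purl: str) -> tuple[str, str | None]:
    """Split 'pkg:pypi/requests@2.31.0?qualifier=x' into ('pkg:pypi/requests', '2.31.0')."""
    base, _, rest = purl.partition("@")
    version = rest.split("?", 1)[0].split("#", 1)[0]
    return base, (version or None)


def find_vulnerable(sbom: dict, advisories: list[dict] = ADVISORIES) -> list[dict]:
    """Return one record per (component, advisory) pair whose installed version
    is older than the advisory's first fixed version."""
    hits = []
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            continue  # nothing to match on; the validation step should have flagged this
        base, version = split_purl(purl)
        version = version or comp.get("version")
        for adv in advisories:
            if adv["purl"] != base:
                continue
            # An unknown version is treated as affected: better a false positive than a silent miss.
            if version is None or version_key(version) < version_key(adv["fixed_in"]):
                hits.append({
                    "component": comp.get("name"),
                    "version": version,
                    "advisory": adv["id"],
                    "fixed_in": adv["fixed_in"],
                })
    return hits


# Constructed sample SBOM: urllib3 is below its fix version, the others are not affected.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
        {"type": "library", "name": "urllib3", "version": "2.2.1", "purl": "pkg:pypi/urllib3@2.2.1"},
        {"type": "library", "name": "lodash", "version": "4.17.21", "purl": "pkg:npm/lodash@4.17.21"},
        {"type": "library", "name": "cryptography", "version": "42.0.0", "purl": "pkg:pypi/cryptography@42.0.0"},
    ],
}

if __name__ == "__main__":
    for hit in find_vulnerable(SAMPLE_SBOM):
        print(f"{hit['component']} {hit['version']}: {hit['advisory']} (fixed in {hit['fixed_in']})")
```

Matching on the purl base rather than on the display name avoids false negatives from renamed or differently cased packages across ecosystems; the same function works unchanged when ADVISORIES is replaced by records fetched from a real vulnerability database in the same shape.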

Ensure SBOM is comprehensive and includes all components

Review SBOM and add missing components
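Reviewing for missing components by eye does not scale; the practical check is to diff the SBOM against the build's own lockfile, which is the authoritative list of what was installed. The block below is an added example, not code from this page or from any SBOM tool. It assumes a pip-style pinned requirements file and a CycloneDX JSON SBOM; both inputs are constructed inline, and the exit code makes it usable as a CI gate.

```python
"""Compare a CycloneDX SBOM against a pinned requirements file (added example, not the page's own code)."""
from __future__ import annotations

import re
import sys


def normalize(name: str) -> str:
    """PEP 503 normalisation so 'Py_Test', 'py.test' and 'py-test' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> dict[str, str]:
    """Return {normalized name: version} for every exact pin in a requirements file."""
    pinned: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank, comment, or an option line such as --hash / -r
        match = re.match(r"([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?==([^\s;\\]+)", line)
        if not match:
            raise ValueError(f"lockfile line is not an exact pin: {raw!r}")
        pinned[normalize(match.group(1))] = match.group(2)
    return pinned


def compare_with_lockfile(sbom: dict, lock_text: str) -> dict[str, list[str]]:
    """Report PyPI packages missing from the SBOM, present but not locked, or at a different version."""
    locked = parse_requirements(lock_text)
    # Only PyPI components are comparable with a pip lockfile; other ecosystems are ignored here.
    in_sbom = {
        normalize(comp["name"]): comp.get("version")
        for comp in sbom.get("components", [])
        if comp.get("purl", "").startswith("pkg:pypi/")
    }
    return {
        "missing": sorted(name for name in locked if name not in in_sbom),
        "unexpected": sorted(name for name in in_sbom if name not in locked),
        "version_mismatch": sorted(name for name in locked if name in in_sbom and in_sbom[name] != locked[name]),
    }


# Constructed lockfile, including a hash continuation line as pip-compile emits them.
LOCKFILE = """\
# constructed lockfile
requests==2.31.0
urllib3==2.2.1 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
idna==3.6
"""

# Constructed SBOM: idna is missing, certifi is unexpected, urllib3 differs in version.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
        {"type": "library", "name": "urllib3", "version": "2.2.2", "purl": "pkg:pypi/urllib3@2.2.2"},
        {"type": "library", "name": "certifi", "version": "2024.2.2", "purl": "pkg:pypi/certifi@2024.2.2"},
        {"type": "library", "name": "lodash", "version": "4.17.21", "purl": "pkg:npm/lodash@4.17.21"},
    ],
}

if __name__ == "__main__":
    report = compare_with_lockfile(SAMPLE_SBOM, LOCKFILE)
    for kind, names in report.items():
        for name in names:
            print(f"{kind}: {name}")
    # Fail the pipeline when the SBOM does not describe what was actually built.
    sys.exit(1 if report["missing"] or report["version_mismatch"] else 0)
```

A component that is "unexpected" is worth a look but is not necessarily wrong (the generator may record transitive dependencies the lockfile omits), whereas a missing or mismatched pin means the SBOM does not describe the artifact that shipped.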

Protect SBOM data with proper access controls

Configure access controls for SBOM data 

Monitor and update SBOM for each release

Automate SBOM update for each release
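An SBOM that is regenerated on every release should say which release it describes and should be verifiable as the document that was published. The block below is an added example, not code from this page or from the CycloneDX project; it stamps a CycloneDX JSON SBOM with a fresh serial number, a timestamp and the release's metadata.component, and writes a SHA-256 digest file beside it. The release name and version are assumed to come from the pipeline (for example a git tag); the base SBOM is constructed inline.

```python
"""Stamp a CycloneDX SBOM for a release and record its digest (added example, not the page's own code)."""
from __future__ import annotations

import copy
import hashlib
import json
import uuid
from datetime import datetime, timezone


def stamp_release(sbom: dict, name: str, version: str, now: datetime | None = None) -> dict:
    """Return a copy of `sbom` that describes exactly one release.

    A fresh serialNumber marks this as a new document; CycloneDX uses the
    top-level `version` for revisions of the same serialNumber, so it restarts
    at 1. metadata.component names the software the SBOM describes.
    """
    stamped = copy.deepcopy(sbom)  # never mutate the generator's output in place
    stamped["serialNumber"] = f"urn:uuid:{uuid.uuid4()}"
    stamped["version"] = 1
    metadata = stamped.setdefault("metadata", {})
    metadata["timestamp"] = (now or datetime.now(timezone.utc)).isoformat()
    component = metadata.setdefault("component", {})
    component.update({"type": "application", "name": name, "version": version})
    return stamped


def canonical_bytes(sbom: dict) -> bytes:
    """Serialize deterministically so the digest does not depend on key order or whitespace."""
    return json.dumps(sbom, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sbom_digest(sbom: dict) -> str:
    """SHA-256 over the canonical serialization; matches `sha256sum` of the written file."""
    return hashlib.sha256(canonical_bytes(sbom)).hexdigest()


def write_release_sbom(sbom: dict, name: str, version: str, out_dir: str = ".") -> tuple[str, str]:
    """Write sbom-<version>.json and a sha256sum-compatible digest file; return both paths."""
    stamped = stamp_release(sbom, name, version)
    sbom_path = f"{out_dir}/sbom-{version}.json"
    digest_path = sbom_path + ".sha256"
    with open(sbom_path, "wb") as fh:
        fh.write(canonical_bytes(stamped))
    with open(digest_path, "w", encoding="utf-8") as fh:
        fh.write(f"{sbom_digest(stamped)}  sbom-{version}.json\n")
    return sbom_path, digest_path


# Constructed base SBOM as a generator might emit it, before release stamping.
BASE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
    ],
}

if __name__ == "__main__":
    # Usage in a release job: the tag becomes the version, e.g. "2.0.0".
    paths = write_release_sbom(BASE_SBOM, "example-app", "2.0.0", out_dir=".")
    print("wrote", *paths)
```

Publishing the digest (or a signature over it) alongside the SBOM lets consumers confirm they hold the document the release job produced; storing both under the release's own path keeps each release's SBOM retrievable after later releases overwrite the working copy.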