Amid supply chain attacks, emerging vendor rethinks SBOM

Codenotary, a vendor specializing in Software Bill of Materials (SBOM) management, is attracting attention from major corporations such as Motorola, Morgan Stanley, and Siemens. The company focuses on tracking and analyzing SBOMs, generating a more granular signing process compared to digital certifications. Using a blockchain-based system, Codenotary enables individual signing for each software version, regional deployment, and customer environment. The system’s capabilities, like vulnerability detection, have been used for forensic analysis in companies like Swisscom.