Log4j and the Role of SBOMs in Reducing Software Security Risk

High-profile cybersecurity incidents have exposed threats to the software supply chain, particularly in commercial off-the-shelf (COTS) software, which often embeds open source components whose vulnerabilities are hidden from the buyer. Despite the industry's growth, investment in supply chain security remains low. The solution is a software bill of materials (SBOM), which lists every component of a software product. Utilising SBOM data in procurement and risk assessment processes can address this issue, reducing risk, ensuring compliance and bolstering supply chain security.