Software Bill of Materials
An SBOM is a formal, machine-readable list of every component, library, and dependency that makes up a piece of software, much like an ingredients label on food. It is generated during the build phase and shared with customers or regulators so everyone can quickly check whether a newly disclosed vulnerability affects them. US federal policy and supply chain attacks have made SBOMs a standard expectation for software vendors.