NTIA releases ‘SBOM’ minimum elements report required under Biden cyber EO

The National Telecommunications and Information Administration has published a report outlining what should be considered “minimum elements” in the development of a “Software Bill of Materials.”

The publication breaks down the elements into three categories: “data fields,” “automation support,” and “practices and processes. “In addition to establishing these minimum elements, this report defines the scope of how to think about minimum elements, describes SBOM use cases for greater transparency in the software supply chain, and lays out options for future...