The widespread availability of third-party and open source software has significantly accelerated modern software development. These technologies also pose a risk, because the external code used by a company has not gone through vital security review processes. A software bill of materials (SBOM) can help provide governance over these external components. An SBOM lists the libraries used by a piece of software and in some cases describes their vulnerability and license status.
Article Link: How to integrate SBOMs into the software development life cycle