{"id":47365,"date":"2022-07-01T14:00:00","date_gmt":"2022-07-01T14:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients-"},"modified":"2022-07-01T14:00:00","modified_gmt":"2022-07-01T14:00:00","slug":"when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/","title":{"rendered":"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>If you&#8217;re building software applications, you&#8217;re familiar \u2014 or should be familiar \u2014 with <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/log4j-and-the-role-of-sboms-in-reducing-software-security-risk\" target=\"_blank\" rel=\"noopener\">SBOMs, or software bills of materials<\/a>. Think of an SBOMs as a list of ingredients in your application. The urgency for organizations to create and maintain accurate SBOMs has increased in the wake of recent software supply chain vulnerabilities such as <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/log4shell-the-big-picture\" target=\"_blank\" rel=\"noopener\">Log4Shell<\/a> and <a href=\"https:\/\/www.darkreading.com\/application-security\/zero-day-vulnerability-discovered-in-java-spring-framework\" target=\"_blank\" rel=\"noopener\">Spring4Shell<\/a>. What&#8217;s more, if you do business with the US government, an accurate and up-to-date SBOM is now a requirement, based on the <a href=\"https:\/\/www.darkreading.com\/operations\/software-incident-response-among-big-focus-areas-in-biden-s-cybersecurity-executive-order\" target=\"_blank\" rel=\"noopener\">May 2021 Executive Order<\/a> issued by the White House in response to the far-reaching repercussions of the SolarWinds attack. <\/p>\n<p>According to <a href=\"https:\/\/www.gartner.com\/en\/documents\/4011501\" target=\"_blank\" rel=\"noopener\">Gartner<\/a>, &#8220;by 2025, 60% of organizations building or procuring critical infrastructure software will mandate and standardize SBOMs in their software engineering practice, up from less than 20% in 2022.&#8221; Gartner also acknowledges that &#8220;keeping software bills of materials (SBOMs) data in sync with corresponding software artifacts presents a key challenge.&#8221;<sup>1<\/sup><\/p>\n<p>Are organizations keeping pace with such market dynamics? A recent Tidelift <a href=\"https:\/\/blog.tidelift.com\/finding-6-only-37-of-organizations-are-aware-of-new-government-software-supply-chain-security-requirements-around-security-and-sboms\" target=\"_blank\" rel=\"noopener\">survey<\/a><br \/>\nshows that only 37% of organizations are aware of new government software supply chain requirements around security and SBOMs. Of these organizations, only <a href=\"https:\/\/blog.tidelift.com\/finding-7-78-of-organizations-are-already-using-sboms-for-application-development-or-have-plans-to-in-the-next-year\" target=\"_blank\" rel=\"noopener\">20% are using SBOMs for most<\/a> or all applications today.<\/p>\n<p>However, change is coming quickly: The vast majority of organizations \u2014 78% \u2014 are either already using SBOMs in at least some applications or have plans to do so in the next year, according to the survey. <\/p>\n<h2 class=\"regular-text\">Open Source Complicates SBOM Matters<\/h2>\n<p>Developing SBOMs can be challenging, but if you are using open source components in your applications \u2014 as most modern software development teams do \u2014 then the process for building an SBOM and keeping it up to date becomes even more complex because of the impact of transitive dependencies.<\/p>\n<p>Open source components that other open source components rely on, transitive dependencies can be difficult to track down. For example, many organizations affected by Log4Shell weren&#8217;t immediately aware of their exposure because it came through transitive dependencies. It is therefore critical that your SBOM identifies not only direct open source dependencies but also transitive dependencies.<\/p>\n<p>In addition, because developers are constantly committing code to deliver enhanced functionality to applications, it is critical that SBOMs are dynamic, capturing changes to the open source components up and down the open source software supply chain. <\/p>\n<h2 class=\"regular-text\">Conclusion: Get a Handle on SBOMs<\/h2>\n<p>To ensure the integrity of software supply chains, the use of SBOMs will become more common \u2014 and will often be required. To ensure that your organization is delivering accurate and up-to-date SBOMs for the applications it develops and delivers, it&#8217;s important to get a handle not just on your list of ingredients, but also the ingredients your ingredients are using.<\/p>\n<p><sup>1<\/sup>&nbsp;Gartner, &#8220;Innovation Insight for SBOMs,&#8221; Manjunath Bhat, Dale Gardner, Mark Horvath, 14 February 2022. GARTNER is a registered trademark and service mark of Gartner, Inc. and\/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients-\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Transitive dependencies can complicate the process of developing software bills of materials.Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients-\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-47365","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-01T14:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?\",\"datePublished\":\"2022-07-01T14:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/\"},\"wordCount\":498,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt08643ef2aca80b08\\\/626c150ee9dae965bdbcaa8e\\\/Security_Anna_Berkut_Alamy.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/\",\"name\":\"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt08643ef2aca80b08\\\/626c150ee9dae965bdbcaa8e\\\/Security_Anna_Berkut_Alamy.jpg\",\"datePublished\":\"2022-07-01T14:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt08643ef2aca80b08\\\/626c150ee9dae965bdbcaa8e\\\/Security_Anna_Berkut_Alamy.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt08643ef2aca80b08\\\/626c150ee9dae965bdbcaa8e\\\/Security_Anna_Berkut_Alamy.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/","og_locale":"en_US","og_type":"article","og_title":"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-07-01T14:00:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?","datePublished":"2022-07-01T14:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/"},"wordCount":498,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/","url":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/","name":"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg","datePublished":"2022-07-01T14:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt08643ef2aca80b08\/626c150ee9dae965bdbcaa8e\/Security_Anna_Berkut_Alamy.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/when-it-comes-to-sboms-do-you-know-the-ingredients-in-your-ingredients\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47365"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47365\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47365"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47365"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}