Statements (44)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
manual
|
| gptkbp:abbreviation |
gptkb:SBOM
|
| gptkbp:can_be_generated_by |
build tools
security tools package managers |
| gptkbp:contains |
open source components
third-party libraries proprietary components component relationships version information component origin |
| gptkbp:describes |
list of components in software
|
| gptkbp:enables |
gptkb:legislation
risk assessment incident response vulnerability scanning supply chain risk management component inventory license auditing software provenance tracking transparency for customers transparency for end users transparency for regulators |
| gptkbp:format |
gptkb:JSON
XML YAML |
| https://www.w3.org/2000/01/rdf-schema#label |
Software Bill of Materials
|
| gptkbp:promotion |
gptkb:CISA
gptkb:OpenSSF gptkb:US_Department_of_Commerce |
| gptkbp:relatedTo |
supply chain security
open source compliance vulnerability disclosure software composition analysis |
| gptkbp:requires |
gptkb:US_Executive_Order_14028
|
| gptkbp:standardizedBy |
gptkb:SPDX
gptkb:NTIA gptkb:CycloneDX |
| gptkbp:used_in |
software supply chain management
|
| gptkbp:usedFor |
vulnerability management
license compliance software transparency |
| gptkbp:bfsParent |
gptkb:SBOM
|
| gptkbp:bfsLayer |
7
|