Why Eracent’s CSMS SBOM Manager™?

Eracent’s SBOM Manager™ is designed to meet the needs of organizations that are Software Consumers. These organizations are purchasing and using software from commercial publishers as well as their own internal Application Development teams.

In contrast, SBOM tools from CAST, SNYK, Dependency Track, and others are targeted to meet the needs of Application development teams and Publishers – Software Creators. These tools focus on the creation of SBOMs and analysis of vulnerabilities throughout the development process. Their features and reporting mechanisms are not targeted towards organizations that are Software Consumers, who require a well-rounded set of data, reporting and analysis features to comply with cyber mandates and directives.

SBOM Manager is based around a centralized repository that provides a single source of data about libraries that are contained in SBOMs. It eliminates the need to review SBOMs individually, which saves significant amounts of time in the event of a reported vulnerability.

SBOM Manager enables customers to upload their SBOMs and assign related information that supports reporting, filtering, and more. These attributes include Publisher, Line of Business, Application Component, and more. This feature enables customers to manage a group of SBOMs together and get more value from the volume of processed information.

SBOM Manager “deconstructs” each uploaded SBOM, recording the software product to which it belongs, and all the SBOM’s content. The result is an index of components and libraries mapped to products. If a vulnerability is reported, customers get an immediate report of every product in use in their organization that includes the affected component or library.

SBOM Manager leverages up-to-date data about each open source component and library. Multiple vulnerability information sources including NIST are inspected daily.

SBOM Manager integrates with Eracent’s CSMS CyberDiscovery™ and other leading endpoint management and discovery tools. SBOM Manager shows which software products may be impacted by a vulnerability, and the discovery and endpoint tools can then show all installations of the product. This provides a mitigation target list for patches, updates, and other remediation efforts.

SBOM Manager can act as a collaboration platform between software publishers and their customers. Security professionals can monitor potential vulnerabilities of a service starting from the software development process through implementation, taking into consideration the complete environment: hardware, operating system, database, middleware and networking.