Software Bill of Materials Generation (SBOM)
Software Bill of Materials on Prisma Cloud Application Security is available for both IAC Security and CI/CD Security with SCA Security.
Software Bill of Materials Generation (SBOM) for IAC Security with Software Composition Analysis
A Software Bill of Materials (SBOM) is a comprehensive list of software components and their dependencies used in an application, crucial for ensuring software security and integrity. When integrated with Infrastructure as Code (IAC), SBOM provides transparency to the software supply chain, enhancing software asset management.
Software Composition Analysis (SCA) is integral to SBOM generation, analyzing software components, libraries, and dependencies to identify vulnerabilities and security risks. By conducting SCA during SBOM generation, organizations can proactively address vulnerabilities before deployment.
Software Bill of Materials Generation (SBOM) for CI/CD Security
Continuous Integration/Continuous Deployment (CI/CD) accelerates development but can introduce security risks. SBOM mitigates these risks and offers multiple benefits.
- Risk Management: SBOM helps identify vulnerabilities early, reducing the risk of exploitation by malicious actors.
- Compliance: SBOM aids compliance with regulatory standards by providing transparency into software development and deployment.
- Patch Efficiency: SBOM allows efficient management of patches and updates, maintaining application security and stability.
- Vendor Oversight: SBOM helps track third-party dependencies, ensuring vendor security adherence and minimizing risks.
- DevOps Collaboration: SBOM fosters collaboration between development, operations, and security teams, enabling joint security decisions.
Integrating SBOM generation and Software Composition Analysis into the CI/CD pipeline enhances IAC security. This proactive approach delivers secure, compliant applications, reducing potential vulnerabilities in production environments.