IT AI Skill

Supply Chain Security SBOM

Manage software supply chain security including Software Bill of Materials (SBOM) generation, dependency vulnerability management, third-party risk assessment, secure software development practices, and supply chain attack prevention. Use when generating an...

Supply Chain Security & SBOM Management

Comprehensive software supply chain security program covering Software Bill of Materials (SBOM) generation and management, dependency vulnerability tracking, third-party risk assessment, and secure software development lifecycle practices.

Workflow

  1. Establish supply chain security policy: define requirements for SBOM generation, dependency management, third-party vendor assessment, code signing, and artifact integrity verification; align with NTCS (National Cybersecurity Strategy) and the SSDF (Secure Software Development Framework).
  2. Implement SBOM generation: automate SBOM creation in CI/CD pipeline; select SBOM format (SPDX 2.3, CycloneDX 1.5);
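As an added example (not tooling from this skill page), the following Python script shows what step 2 produces in practice: it takes a pinned dependency list in requirements.txt style, emits a CycloneDX 1.5 JSON document with a component per dependency, a Package URL (purl) and `bom-ref` for each, and a dependency graph, and then runs a small self-check of the kind a CI job would gate on. The application name `billing-api`, the three dependencies, and the pipeline step are constructed sample values; `generic` and `pypi` purl types are real purl types, and the field names follow the CycloneDX 1.5 JSON schema.

```python
"""Build and sanity-check a CycloneDX 1.5 JSON SBOM from a pinned dependency
list. Added example for a CI/CD SBOM step; not the skill page's own tooling."""
import json
import uuid
from datetime import datetime, timezone

# Constructed sample input in requirements.txt style (pinned versions only).
SAMPLE_REQUIREMENTS = """\
# runtime dependencies of the hypothetical 'billing-api' service
requests==2.31.0
urllib3==2.0.7
idna==3.4
"""


def parse_pinned_requirements(text):
    """Return [(name, version)] for 'name==version' lines; skip comments and blanks.
    Unpinned entries are rejected: an SBOM must record the exact version shipped."""
    deps = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if "==" not in line:
            raise ValueError(f"unpinned requirement not allowed in SBOM input: {line!r}")
        name, version = (part.strip() for part in line.split("==", 1))
        deps.append((name.lower(), version))
    return deps


def build_cyclonedx_sbom(app_name, app_version, deps, timestamp=None):
    """Assemble a CycloneDX 1.5 document: metadata.component is the application,
    each dependency becomes a 'library' component identified by its purl (also used
    as bom-ref), and the dependencies array records that the app depends on each."""
    app_ref = f"pkg:generic/{app_name}@{app_version}"
    components = []
    for name, version in deps:
        purl = f"pkg:pypi/{name}@{version}"
        components.append({
            "type": "library",
            "bom-ref": purl,
            "name": name,
            "version": version,
            "purl": purl,
        })
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "serialNumber": f"urn:uuid:{uuid.uuid4()}",
        "version": 1,
        "metadata": {
            "timestamp": (timestamp or datetime.now(timezone.utc)).isoformat(),
            "component": {"type": "application", "bom-ref": app_ref,
                          "name": app_name, "version": app_version},
        },
        "components": components,
        "dependencies": [
            {"ref": app_ref, "dependsOn": [c["bom-ref"] for c in components]},
            *({"ref": c["bom-ref"], "dependsOn": []} for c in components),
        ],
    }


def check_sbom(sbom):
    """Return a list of findings (empty list == pass). Checks the format/version
    pair, the generation timestamp, that every component carries a name, version
    and unique identifier, and that every component appears in the dependency graph."""
    findings = []
    if sbom.get("bomFormat") != "CycloneDX" or sbom.get("specVersion") != "1.5":
        findings.append("not a CycloneDX 1.5 document")
    if not sbom.get("metadata", {}).get("timestamp"):
        findings.append("metadata.timestamp missing")
    components = sbom.get("components", [])
    for c in components:
        for field in ("name", "version", "purl"):
            if not c.get(field):
                findings.append(f"component {c.get('name', '?')} lacks {field}")
    graph_refs = {d.get("ref") for d in sbom.get("dependencies", [])}
    for c in components:
        if c.get("bom-ref") not in graph_refs:
            findings.append(f"{c.get('bom-ref')} has no entry in the dependency graph")
    return findings


if __name__ == "__main__":
    sbom = build_cyclonedx_sbom("billing-api", "1.0.0",
                                parse_pinned_requirements(SAMPLE_REQUIREMENTS))
    problems = check_sbom(sbom)
    print(json.dumps(sbom, indent=2))
    # In CI, a non-empty findings list should fail the pipeline step.
    raise SystemExit(1 if problems else 0)
```

The dependency graph is what distinguishes an SBOM from a flat package list: a consumer matching advisories against the document needs to know which shipped artifact pulls in a vulnerable component, so the self-check treats a component missing from `dependencies` as a defect rather than a warning. For a real pipeline, the same checks would be run against the output of whatever generator is chosen, and the resulting document signed alongside the build artifact it describes.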