An
SBOM is a comprehensive inventory of all software components in a product — libraries, frameworks, dependencies — enabling rapid impact assessment when new vulnerabilities are disclosed.
Log4Shell impact: organizations without SBOMs didn't know if they used Log4j. Biden's 2021 cybersecurity EO requires SBOMs for federal software procurement. SBOMs enable software supply chain risk management.