New SBOM Hub Helps All Stakeholders in Software Distribution Chain

Lineaje has launched SBOM360 Hub, a platform for software producers, sellers, and consumers to publish, share and use software bills of materials (SBOMs) and related compliance artifacts.

The new hub, Lineaje says, should help software producers and sellers be compliant with Executive Order 14028, which takes effect in September 2023, and which requires them to deliver SBOMs and linked attestation artifacts to customers.

SBOM360 Hub is a unified exchange that enables organizations to access and evaluate vendors’ SBOMs.

The platform allows software producers and sellers to create and publish attested, compliant SBOMs, along with self-attestation forms, and related artifacts for each product and SKU sold on their private hubs.

Software distributors and resellers can request SBOMs from vendors and make them available to their distribution channels and customers.

Software consumers can subscribe to SBOM360 Hub to find SBOMs from specific vendors and to receive notifications on software updates and vulnerabilities.

Consumers can also engage directly with the vendors, to request SBOMs, and can access security profiles of the open source dependencies of commercial products.

“Users can search their SBOMs, their vendor’s SBOMs, and their entire dependency chain for vulnerabilities, threats, provenance, suppliers – or any of the more than 150 attributes providers give access to — in seconds,” Lineaje says.

SBOM360 Hub is now available for early access, free for producers that publish up to 10 SBOMs per month.

Related: The SBOM Bombshell

Related: Chainguard Trains Spotlight on SBOM Quality Problem

Related: Big Tech Vendors Object to US Gov SBOM Mandate

Related: Microsoft Releases Open Source Toolkit for Generating SBOMs