Disclosure-adjacent topic: SBOM

Hi Folks - I think many of you are familiar with the idea of a “software bill of materials,” kind of like a list of ingredients for software. There are some great potential feedback loops between SBOM and good disclosure, including helping researchers and product teams understand who might be affected.

NTIA is looking for feedback on the idea of “minimum elements” of SBOM, including data fields, operational considerations, and support for automation. Comments will be due around June 16ish. You can find the full request for comments below.


Feel free to reach out if there are any questions!

