Veracode SBOM - Managing Risks
Do you use the Software Bill of Materials (SBOM) feature? If yes, how would you assess the SBOM feature for helping manage your risks (e.g., software supply chain, security, and licensing risks)? Please explain.
We use the Software Bill of Materials (SBOM) feature; it's essential and advantageous. We can't do a bill of materials manually, so it's excellent that Veracode provides this. SBOM helps us manage our risks, as every company has software that needs to be run appropriately throughout the user and client base. It's necessary to have a security audit or security compliance in such applications, and Veracode enables this functionality so we can easily identify security flaws and take measurable action.
The software bill of materials helps us understand the industry that we are in and ensures we have a stable solution.

I love the Software Bill of Materials (SBOM) feature because it helps you explore various industries and understand what to do to minimize risks and maintain compliance. It's straightforward and ensures my applications are compliant.

SBOM is beneficial as it enables us to verify software licensing through static scanning. This helps ensure that the product we provide in the market is compliant with industry standards and user needs. In my opinion, this is a fantastic feature.

Using SBOM to manage risks is straightforward and faster because it does not require technical skills. This makes it easy and straightforward to implement and use to prevent vulnerabilities and ensure compliance with any policy in any industry.

I have also used the Software Bill of Materials (SBOM) feature in some implementations. It's important because in modern software development, people always use third-party components, but they don't necessarily see the problems that they may contain. If you don't use the SBOM tool, you won't know the status of all these third-party pieces.

An SBOM is a list that can help us manage our risks by tailoring it with software competition analysis, scanning for vulnerabilities, and addressing third-party risks. As part of the supply chain, an SBOM provides a visual representation of the components present in our application, enabling us to take appropriate action.

Veracode's reporting feature provides comprehensive insights into the security status of our code or application. These reports generated by Veracode offer visibility into vulnerabilities and different severity levels of threats that may be present. They also recommend remediation steps to address these issues without extensive code modifications.

The software bill of materials feature has proven helpful in finding bugs and flaws that may cause problems in our product when we launch it. It has helped a lot to exponentially reduce the cost after the launch cycle.

Pradeep Honaganahalli Basavaraju
ML engineer at a consultancy with 10,001+ employees
Veracode's tool scans every single library and gives a dashboard showing the number of libraries, high and low criticality issues, and whether a product has any issues. It helps us assess the libraries and decide whether to resolve the issues or replace the library to minimize risks.

The SBOM feature helps identify risks in all third-party software.

reviewer2287986
Lead Product Security Engineer at a computer software company with 1,001-5,000 employees
The SBOM helps manage our risk.
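Several reviewers above describe the same workflow: enumerate every third-party library, count issues by criticality, check licensing, and decide per library whether to resolve the issue or replace the component. The script below is an added example written for this page to show that workflow end to end; it is not Veracode's code and does not call the Veracode API. It parses a constructed CycloneDX-style SBOM (JSON), joins it against a constructed advisory list (placeholder ids, not real CVEs) and a license allowlist, and returns the dashboard-style totals plus a per-library action. All package names, advisory ids and the policy are constructed sample data.

```python
"""Summarize a CycloneDX-style SBOM against an advisory feed and a license
policy.  Added example, not Veracode's code; all data below is constructed."""
import json
from collections import Counter

# Constructed CycloneDX-style SBOM for a hypothetical application.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "pad-util", "version": "1.3.0",
     "purl": "pkg:npm/pad-util@1.3.0",
     "licenses": [{"license": {"id": "MIT"}}]},
    {"type": "library", "name": "legacy-xml", "version": "0.9.2",
     "purl": "pkg:npm/legacy-xml@0.9.2",
     "licenses": [{"license": {"id": "GPL-3.0-only"}}]},
    {"type": "library", "name": "json-parser-x", "version": "2.1.0",
     "purl": "pkg:maven/example/json-parser-x@2.1.0",
     "licenses": [{"license": {"id": "Apache-2.0"}}]},
    {"type": "library", "name": "mystery-lib", "version": "4.4.1",
     "purl": "pkg:npm/mystery-lib@4.4.1"}
  ]
}
"""

# Constructed advisory feed keyed by purl (placeholder ids, not real CVEs).
ADVISORIES = {
    "pkg:npm/legacy-xml@0.9.2": [
        {"id": "ADV-PLACEHOLDER-0001", "severity": "high", "fixed_in": None},
    ],
    "pkg:maven/example/json-parser-x@2.1.0": [
        {"id": "ADV-PLACEHOLDER-0002", "severity": "high", "fixed_in": "2.1.5"},
        {"id": "ADV-PLACEHOLDER-0003", "severity": "low", "fixed_in": "2.1.5"},
    ],
}

# License policy (assumed): only these SPDX identifiers may ship in the product.
ALLOWED_LICENSES = {"MIT", "Apache-2.0", "BSD-3-Clause"}


def component_licenses(component):
    """Return the SPDX ids declared for a component (empty if undeclared)."""
    ids = []
    for entry in component.get("licenses", []):
        lic = entry.get("license", {})
        if "id" in lic:
            ids.append(lic["id"])
    return ids


def assess_component(component, advisories, allowed):
    """Decide what to do with one library: ok, resolve (upgrade) or replace."""
    findings = advisories.get(component.get("purl"), [])
    licenses = component_licenses(component)
    # An undeclared license is treated as a violation: it cannot be cleared.
    license_ok = bool(licenses) and all(lic_id in allowed for lic_id in licenses)
    fix_available = any(f["fixed_in"] for f in findings)
    if not license_ok:
        action = "replace"   # license unknown or not permitted
    elif findings and fix_available:
        action = "resolve"   # a fixed version exists: upgrade to it
    elif findings:
        action = "replace"   # vulnerable and no fix published
    else:
        action = "ok"
    return {
        "name": component["name"],
        "version": component["version"],
        "licenses": licenses,
        "license_ok": license_ok,
        "findings": findings,
        "action": action,
    }


def summarize_sbom(sbom_json, advisories=ADVISORIES, allowed=ALLOWED_LICENSES):
    """Produce dashboard totals (library count, high/low issues, license
    violations) and a per-library action, from the SBOM text."""
    sbom = json.loads(sbom_json)
    libs = [c for c in sbom.get("components", []) if c.get("type") == "library"]
    rows = [assess_component(c, advisories, allowed) for c in libs]
    severity = Counter(f["severity"] for r in rows for f in r["findings"])
    return {
        "library_count": len(libs),
        "high": severity["high"],
        "low": severity["low"],
        "license_violations": [r["name"] for r in rows if not r["license_ok"]],
        "actions": {r["name"]: r["action"] for r in rows},
    }


if __name__ == "__main__":
    print(json.dumps(summarize_sbom(SBOM_JSON), indent=2))
```

On the constructed data this reports four libraries, two high and one low finding, two license violations (one disallowed license, one undeclared), and marks the library with a published fix as "resolve" while the unfixable or unlicensed ones are "replace". Treating a missing license as a violation rather than silently passing it is the conservative choice for a shipping product, which is the compliance point several reviewers raise.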