Rezilion’s Dynamic SBOM: Now Supporting Windows
Today we’re excited to share that we’re expanding our Dynamic Software Bill of Materials (Dynamic SBOM) service to support Windows environments.
In May of 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity. The objective of the order is to enhance the US government’s defenses in the wake of several high-profile breaches, including those that impacted SolarWinds and Kaseya.
One key element of this order is a requirement for a Software Bill of Materials (SBOM). Vendors who want to contract with federal agencies must now provide an SBOM as part of the government’s procurement process. The SBOM details software dependencies and components in a product, offering critical visibility that helps to determine if a vulnerability is present in an environment. We predict the federal order is only step one in what will become a widespread adoption of SBOMs throughout private sector organizations as well.
Our Dynamic SBOM tool answers the call for visibility in multiple environments as it runs on both Windows and Linux platforms, allowing you to manage and monitor your whole environment in one place with an intuitive user interface.
With this new tool, Rezilion provides a clear and comprehensive view of all of your components, including files and packages, Windows programs, and Windows features. Additionally, it reveals which vulnerabilities are associated with each package, as well as whether or not they are exploitable.
Various SBOM export formats are available, including CycloneDX and CycloneDX + VEX standards, as well as CSV, JSON, and XLSX for convenient and automated use.
Based on the CycloneDX specification, the DSBOM output will contain the following information:
1. Host & Image information
2. The components (open source packages, Windows programs and features) associated with each host or image, with metadata and information on whether they are loaded or not:
   a. Component name
   c. Package manager
   d. Host & image for associated packages
3. Vulnerabilities associated with installed packages on your hosts / images and whether they can be exploited
4. Components, dependencies & license information
Using a Dynamic SBOM tool will help you understand, manage, and control your attack surface, which is not only important for your organization’s compliance posture, but also for communicating your real risks to customers, third parties, or other stakeholders.
Learn more about Rezilion’s Dynamic SBOM at https://www.rezilion.com/platform/dynamic-sbom/.
Want to see it in action? Book a demo today to learn more about Rezilion’s Windows software security solutions.