News
Kaspersky announces Software Bill of Materials available for its customers and partners
October 2021 by Patrick LEBRETON
By providing a list of software components, known as the Software Bill of Materials (SBOM), global cybersecurity company Kaspersky is enhancing the ways in which it ensures the integrity of its products, and helps customers and partners understand what’s inside the company’s products and software architecture.
Rapid digitalisation of business processes is taking place in increasingly complex networks that rely on multiple software products. In turn, this has resulted in the growth of ICT supply chain security risks. According to a report by the European Union Agency for Cybersecurity (ENISA), supply chain attacks are on the rise in 2021. Enterprises have also found data breach incidents involving shared data with suppliers to be the costliest breaches in 2021, reaching 1.4 million USD. These numbers highlight the need to bring more transparency to the components and connections within and across software supply chains to ensure the integrity and trustworthiness of digital infrastructure that businesses rely on. One such measure to support businesses and provide even stronger assurance in the security and integrity of cybersecurity solutions – SBOM – has been introduced globally by Kaspersky.
SBOM is the documentation describing the parts which make up software, providing a list of all their components, information about them, and the relationships between them. An emerging good practice in the industry, SBOM enhances software transparency and improves visibility into software composition and architecture to encourage the building of a reliable and trustworthy digital infrastructure.
Being at the forefront of transparency in the cybersecurity industry, Kaspersky has introduced SBOM to empower its customers and partners with up-to-date information about components and ensuring product security while also performing necessary ICT supply chain risk management practices. It also represents the next step in further implementing baseline recommendations for the security of digital products, which Kaspersky and other industry partners discuss within the Geneva Dialogue on Responsible Behavior in Cyberspace – a global initiative led by the Swiss Federal Department of Foreign Affairs (FDFA), and implemented by the DiploFoundation.
SBOM is available at Kaspersky’s Transparency Centers which operate in four countries. Customers and partners can view SBOMs for particular products by requesting access to our Transparency Centers – both virtually and physically – by email via TransparencyCenter@kaspersky.com. Information about access to the facilities can be found on the dedicated webpage. Kaspersky experts will also be ready to address any questions our partners and customers might have in applying the SBOM data.
