Why is it critical to enrich SBOMs with proprietary component details like licensing and supplier info?

In this RunSafe Security Minute, Kelli Schwalm explains why enriching SBOMs with licensing and supplier information is key for compliance, provenance, and secure software management.

Enrich SBOMs with Licensing & Supplier Info

Why Proprietary Component Details Are Critical in SBOMs

Software Bills of Materials (SBOMs) are essential for visibility into your software supply chain—but many miss a critical piece: proprietary component details. Licensing terms, authorship, and supplier information often sit outside the codebase, making them difficult to capture.

In this RunSafe Security Minute, Kelli Schwalm, Director of SBOM at RunSafe Security, highlights why these details matter for compliance, provenance, and consumer trust. She also connects these insights to RunSafe’s August product update, which expanded the flexibility of our SBOM configuration file. Now, teams can define proprietary components once, automatically enrich every SBOM with license and supplier data, and reuse the config file across builds—making SBOM generation accurate, repeatable, and efficient.