What was causing instability in C++ SBOM generation on Windows, and how has RunSafe resolved it in the latest update?

In this RunSafe Security Minute, Senior Software Engineer Kelli explains “What caused instability in C++ SBOM generation on Windows—and how did RunSafe resolve it?”.

Resolving C++ SBOM Instability on Windows

How RunSafe Resolved C++ SBOM Instability on Windows

In this RunSafe Security Minute, Senior Software Engineer Kelli explains a significant improvement in the C++ SBOM generation process for Windows.

Previously, RunSafe’s SBOM generator used a third-party tool to track system processes during C/C++ compilation. However, this tool required a specific order of events to capture process data, leading to a race condition. Some child processes would complete their work before the tool could recognize them resulting in incomplete SBOMs.

To resolve this, the RunSafe team replaced the dependency and implemented a lower-level system that detects new processes the instant they’re created. This ensures more accurate, complete C++ SBOMs and better post-processing.

This update reinforces RunSafe’s commitment to software transparency and build integrity—especially in embedded systems and critical infrastructure applications.