Why is it critical to enrich SBOMs with proprietary component details like licensing and supplier info?

In this RunSafe Security Minute, Kelli Schwalm explains why enriching SBOMs with licensing and supplier information is key for compliance, provenance, and secure software management.

Enrich SBOMs with Licensing & Supplier Info

Why Proprietary Component Details Are Critical in SBOMs

Software Bills of Materials (SBOMs) are essential for visibility into your software supply chain—but many miss a critical piece: proprietary component details. Licensing terms, authorship, and supplier information often sit outside the codebase, making them difficult to capture.

In this RunSafe Security Minute, Kelli Schwalm, Director of SBOM at RunSafe Security, highlights why these details matter for compliance, provenance, and consumer trust. She also connects these insights to RunSafe’s August product update, which expanded the flexibility of our SBOM configuration file. Now, teams can define proprietary components once, automatically enrich every SBOM with license and supplier data, and reuse the config file across builds—making SBOM generation accurate, repeatable, and efficient.
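The enrichment step described above, as an added example that is not RunSafe's code and does not use RunSafe's configuration file format: a generated CycloneDX SBOM (constructed sample) is merged with a hypothetical proprietary-component config so that supplier, author and license data defined once are applied to every build's SBOM, and a check reports which components still lack provenance.

```python
from copy import deepcopy

# Constructed sample: a minimal CycloneDX 1.5 JSON SBOM as a build tool
# might emit it. The proprietary "telemetry-core" component carries no
# supplier or license because that data lives outside the codebase.
GENERATED_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "zlib", "version": "1.3.1",
         "supplier": {"name": "zlib contributors"},
         "licenses": [{"license": {"id": "Zlib"}}]},
        {"type": "library", "name": "telemetry-core", "version": "2.4.0"},
    ],
}

# Hypothetical enrichment config (not RunSafe's file format): one entry per
# proprietary component, defined once and reused across builds.
PROPRIETARY_CONFIG = {
    "components": [
        {"name": "telemetry-core",
         "supplier": "Example Motors GmbH",
         "author": "Vehicle Platform Team",
         "license": "LicenseRef-ExampleMotors-Proprietary"},
    ]
}


def enrich_sbom(sbom: dict, config: dict) -> dict:
    """Return a copy of `sbom` with supplier/author/license data filled in
    for components named in `config`. Fields already present are kept."""
    by_name = {c["name"]: c for c in config["components"]}
    out = deepcopy(sbom)
    for comp in out["components"]:
        meta = by_name.get(comp["name"])
        if meta is None:
            continue  # open-source component; scanner data is kept as-is
        comp.setdefault("supplier", {"name": meta["supplier"]})
        comp.setdefault("author", meta["author"])
        # LicenseRef- ids are SPDX's escape hatch for non-SPDX licenses
        comp.setdefault("licenses", [{"license": {"id": meta["license"]}}])
    return out


def missing_provenance(sbom: dict) -> list:
    """Names of components still lacking a supplier or license entry."""
    return [c["name"] for c in sbom["components"]
            if "supplier" not in c or "licenses" not in c]
```

Running `missing_provenance` on the generated SBOM before and after enrichment shows the gap closing; the same config can be applied to every build's SBOM without re-entering the data.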
