-
Six Georgians tried in France over theft of rare Russian books
-
US trade gap narrows in April on oil exports boost
-
Stocks rise, oil eases after Trump evokes Iran deal
-
One shot as Kenyan protests at US Ebola centre turn violent
-
Townsend says Dempsey still part of Scotland set-up despite Japan move
-
Trump-linked resort plan ignites Albanian discontent
-
Itoje out of latest England training squad
-
Acid attack on woman doctor sparks fear, protests in Pakistan
-
'No fairytale ending' as winger Lowe announces Ireland exit
-
Gower warns Stokes' England captaincy in 'severe doubt' after nightclub incident
-
COP31 hosts unveil 'electrification' priority for climate talks
-
McKeown battles illness to surge home in 100m backstroke at Australian trials
-
Oil prices drop, stocks rise on Mideast hopes
-
German chemical giant BASF urges overhaul of EU carbon scheme
-
Europe's top firms fuelling inequality with payouts: Oxfam
-
UK government 'concerned' by abuse claims against West Ham co-owner
-
What we know about Xi's visit to North Korea
-
Japan city relieved as bear caught after roaming streets for days
-
Kenyan police fire tear gas, make arrests at US Ebola centre protest
-
Mosaddek steers Bangladesh to 284-8 against sloppy Australia
-
Jota will be in Scotland skipper Robertson's 'heart' at World Cup, says widow
-
Outdoor hospitals, shaken communities as Philippine quake toll hits 41
-
German factory output, exports rise but Iran war weighs
-
Left-winger beats Republican to advance to LA mayor runoff: media
-
Pakistan, Lebanon army chiefs meet as Middle East mediation drags on
-
Between Homer and Hollywood: Troy a source of Turkish pride
-
Success-starved China fans adopt 'Card Master' referee as World Cup rep
-
Seven Georgians tried in France over theft of rare Russian books
-
Trump says in 'final throes' of reaching Middle East peace deal
-
Business, unions unite against Swiss immigration cap push
-
Outdoor hospitals, cut-off communities as Philippine quake toll hits 41
-
Spain beat Peru 3-1 to head into World Cup on high
-
Wembanyama sparks Spurs past Knicks in NBA Finals as Trump booed
-
China exports surge as Beijing withstands Middle East stress
-
Spurs edge Knicks 115-111 in NBA Finals as Trump booed
-
Hopes soar for US fans as hosts assemble at World Cup camp
-
French justice minister refuses to resign over girl killing case
-
Asian stocks track Wall St tech bounce, oil eases on Mideast hope
-
Encouraging trial results for AstraZeneca's new weight-loss pill
-
Hundreds evacuated as waves batter New Zealand capital
-
Former rugby league star in Australia comes out as gay
-
Bolivian president says 'narcoterrorists' behind crippling protests
-
World Cup nears kickoff after pre-tournament turbulence
-
Trump gets cold hometown welcome at NBA Finals in New York
-
Deschamps tips hat-trick man Olise to make big impact at World Cup
-
374Water Expands Orlando Partnership with Amended License Agreement to Build Full-Scale PFAS Waste Destruction and Manufacturing Hub
-
Future B2B Launches Affinity, an Audience Data Platform That Helps Marketers Find Active Buyers in Real Time
-
Greene Concepts Outlines Operational Readiness Supporting Be Water’s Scalable Growth
-
UniDoc Connect Surpasses One Million Patient Visits
-
NuRAN Wireless Secures USD 12 Million Debt Financing Mandate Letter, Launches in Ivory Coast and Accelerates African Expansion
FossID Announces Workflows to Help Enterprises Operationalize SBOM Lifecycle Management Across Complex Software Supply Chains
New solution helps organizations centrally ingest, normalize, inspect, approve, reject, consolidate, and deliver compliance-ready SBOM evidence as AI-driven development and maturing regulation reshape software supply chain governance
STOCKHOLM, SE / ACCESS Newswire / June 9, 2026 / FossID, a leader in software risk management, today announced FossID Workflows, a new solution designed to help enterprises manage the full lifecycle of Software Bills of Materials (SBOMs) across complex software supply chains. The upcoming product will help organizations centrally ingest, normalize, inspect, approve or reject, consolidate, and deliver compliance-ready SBOM evidence across suppliers, products, and releases.
The announcement comes as SBOM adoption accelerates in response to two major shifts in the software industry. First, AI-driven software development is increasing the speed and volume of code creation, including smaller code fragments that can make software inventory, provenance, security, and license compliance more difficult to manage. Second, maturing regulations, including the EU Cyber Resilience Act (CRA), are elevating SBOMs as a fundamental form of compliance evidence for organizations that build, integrate, sell, or distribute software-enabled products.
For enterprises in industries such as automotive, medical devices, consumer electronics, industrial automation, and other supplier-intensive markets, the operational challenge is becoming especially acute. OEMs often develop their own software while also receiving software from Tier-1 suppliers, who in turn receive software from Tier-2 suppliers and additional downstream providers. Each participant may generate, receive, transform, validate, and pass along SBOMs as part of a broader compliance and product assurance process.
This creates a practical breakdown in SBOM operationalization. Organizations may have the ability to generate SBOMs, but they often lack a scalable process for collecting them from suppliers, normalizing different formats, validating quality, resolving issues, approving or rejecting submissions, consolidating multiple SBOMs into product-level evidence, and delivering that evidence to customers, auditors, or regulators.
"SBOMs are no longer just static technical artifacts," said Daniel Forsgren, Chief Technology Officer at FossID. "They are becoming operational records of software supply chain trust. As AI accelerates code creation and regulations mature, enterprises need more than SBOM generation. They need a governed way to manage the SBOM lifecycle across teams, suppliers, products, and releases."
FossID Workflows is being designed to address this operational gap. The solution will provide a centralized workflow layer for managing SBOM processes across complex enterprise environments, helping teams move from fragmented files and manual coordination to repeatable, auditable, and scalable SBOM governance.
With FossID Workflows, organizations will be able to:
Centrally ingest SBOMs from suppliers, internal teams, and software sources
Normalize SBOM inputs across different formats and supplier maturity levels
Inspect SBOM submissions for quality, completeness, and usability
Approve or reject supplier submissions through defined review workflows
Consolidate multiple SBOMs into product-level and release-level evidence
Maintain traceable records of SBOM review, decisions, exceptions, and approvals
Deliver compliance-ready evidence to customers, auditors, regulators, and supply chain partners
"Many organizations have made progress with SBOM generation, but generation is only the starting point," said Daniel Forsgren. "The larger challenge is operational. Enterprises need to know whether an SBOM is complete, whether it represents the right software, whether it has been reviewed according to policy, and whether it can be trusted as part of a compliance evidence package. FossID Workflows is being built to make that process manageable at enterprise scale."
The need for SBOM lifecycle management is growing as software supply chains become more distributed and more dynamic. AI-assisted development is increasing the importance of accurate software inventory and provenance, while regulatory frameworks are pushing organizations toward stronger documentation, vulnerability handling, and supply chain transparency. In this environment, SBOMs must be managed as living compliance assets, not one-time files.
FossID Workflows will extend FossID's software risk management portfolio by helping organizations connect and automate the SBOM lifecycle. It is expected to complement FossID's Agentic SCA suite and FossID's professional services by enabling enterprises to operationalize SBOM governance across the full software supply chain.
Pilot Program and Early Access
FossID plans to make FossID Workflows available to select customers and partners prior to general availability.
"Most enterprises approaching SBOM operationalization have established processes; what they lack is tooling flexible enough to support those processes at scale. A one-size-fits-all workflow layer is unlikely to accommodate the variation in supplier maturity, regulatory obligation, and internal review structure that enterprise environments present," said Katie Norton, Senior Research Manager at IDC. "FossID Workflows addresses this through a composable workflow architecture that organizations can configure to fit their specific intake, validation, and approval requirements."
Organizations interested in early access or product briefings can contact FossID for more information. Readers can also join the FossID Workflows waitlist to stay informed about product availability, upcoming features, and pricing details as FossID prepares for broader release.
About FossID
FossID provides software supply chain integrity solutions that enable enterprises to leverage open source, third-party, and AI-generated code with confidence. Powered by FossID Workbench, a Software Composition Analysis (SCA) toolset, FossID also provides open source audit, technical due diligence, and code review services to help clients manage legal, security, and operational software supply chain risk.
For more information, visit www.fossid.com.
Media Contact
Aaron Branson
FossID Media Relations
[email protected]
SOURCE: FossID
View the original press release on ACCESS Newswire
O.Brown--AT
