SBOM Shake-Up: CISA Calls for Public Input Amid Controversial Changes

CISA is seeking public input on a new SBOM guideline. With changes in leadership and strategy, the agency aims to update its 2021 guidelines to reflect advancements in SBOM tooling and adoption. Public comments are welcomed until October 3, 2025. Let’s hope someone remembers to include a “How to SBOM for Dummies” section!

Hot Take:

Well, folks, it seems CISA is on a grand quest, asking the world for some input to revamp its SBOM guidelines. If only they could also solve the mystery of why we still get “update available” notifications at the most inconvenient times! It’s like the government is saying, “Help us help you… and maybe a little bit ourselves too!”

Key Points:

  • CISA is inviting public comments on updating software bill of materials (SBOM) guidelines.
  • The SBOM is a document listing all software components and dependencies used by an organization.
  • Previous SBOM guidelines were directed by President Biden’s 2021 Executive Order on cybersecurity.
  • Controversy arose in 2022 over SBOM requirements for defense contractors.
  • The SBOM community has grown, with increased participation from the open-source sector.

The Nimble Nerd