
Automated SBOM Compliance

VeriBOM helps suppliers safely manage the software supply chain and SBOMs with automation, simplicity, and transparency to reduce the risk of security breaches and data leaks.


VB Publisher 

VB Publisher is a tool that helps software vendors create, publish, and distribute SBOMs. This can help to improve security, compliance, and efficiency in the software supply chain. VB Publisher is easy to set up and use, and it can be used to track the provenance of software and identify security vulnerabilities.

Why VeriBOM for Publishers?

VeriBOM simplifies compliance by putting your SBOM processes on autopilot. VeriBOM creates bi-directional trust through accountability, transparency, and communication for an unlimited number of software applications and customers. You are only as secure as your weakest link, and VeriBOM helps you build a reinforced chain.

Remove low-value tasks from high-value employees

Automated SBOM tools can help to improve the efficiency, security, and compliance of an organization's software development and deployment processes. This can free up high-value employees to focus on more strategic and creative tasks.

Put your software compliance on autopilot

Automation is the key to consistency and accuracy. Set up an automated SBOM process for each release to ensure you stay in compliance over the life of your software application. 

Build trust between Software Publishers and Security Auditors

Trust requires accountability, transparency, and communication. VeriBOM handles all three using automation through the VB Auditor and VB Publisher SBOM repository.

Mitigate Financial Risks

The most common costs associated with a data breach include investigation and remediation, regulatory fines and penalties, lost customers and revenue, and legal fees.

Key Features

Automation, Collaboration, and Scanning

SBOMs need to be updated in real-time with the industry’s latest knowledge on new vulnerabilities and malicious packages.

Streamline Vulnerability Management

Securely manage who receives your supply chain data and manage updates through automation and a simple web interface at no cost to your customers.

Facilitate Audit Trails

Select from a range of formats, such as CycloneDX and SPDX, and opt to either download and distribute the SBOM independently or have VeriBOM host it on your behalf.

Focus on What's Important

Know what dependencies are in your runtime vs. inventory.

Consolidate Your Supply Chain

Ensure all customers are managed with a standard web interface.

Seamless Integration

Seamlessly integrate with your existing repositories, CI pipelines and workflows, incorporating security expertise into your processes.


Integrate directly into your pipeline, allowing you to generate reports automatically. No need to spend time manually generating reports.


Automatically detect programming languages and generate Software Bills of Materials with high accuracy and speed. Trust that your software supply chain is secure.



Your IP source code is securely handled by VeriBOM.

Features with Premium License

SBOM Management

  • Organization & User authentication
  • Basic Publisher Dashboard
  • Connection Management
  • Product & Project Management
  • SBOM Generation and Publishing
  • Roles & Permissions
  • Contact Management
  • Dashboard for Publisher & Auditor
  • SBOM Enrichment Service
  • Dependency Detection & Visualization

SBOM Generation Sources

  • Source Code (Zip/Tar)
  • SCM Integration (GitHub)
  • Container Image as Source 
  • CI/CD Integration (TeamCity, Jenkins)

Language Support

  • Python, Java, JavaScript, Ruby, PHP, Go, Groovy, Rust, Perl, Dart, Android, Objective-C, C#

Integration & Insights

  • Basic Search
  • Knowledge Center - MVP

SBOM Distribution

  • SBOM Manual Export (SPDX)
  • SBOM File Export (CycloneDX, SWID)
  • Partner Portal – Bare Minimum
  • SBOM Import (Manual & API)
  • SBOM Export (API)

Reporting & Notifications

  • Basic Notifications related to SBOM
  • New SBOM Generation
  • New Connection Request

Advanced Features

  • Signing & Attestations

VeriBOM Process


Generate a comprehensive and highly detailed inventory of all code dependencies, regardless of how deep they go, and produce a Software Bill of Materials (SBOM) for any historical version of your software, not just the present one.


Utilize SBOMs to gain insights and manage licensing and security risks associated with your third-party software.


Select from a range of formats, such as CycloneDX and SPDX, and opt to either download and distribute the SBOM independently or have VeriBOM host it on your behalf.


Ensure your SBOMs are always up to date using VeriBOM’s automatic update feature, and centralize the management of all SBOMs, including those from third-party sources, in a single location.
