VB Publisher
VB Publisher is a tool that helps software vendors create, publish, and distribute SBOMs. This can help to improve security, compliance, and efficiency in the software supply chain. VB Publisher is easy to set up and use, and it can be used to track the provenance of software and identify security vulnerabilities.
Why VeriBOM for Publishers?
VeriBOM simplifies compliance by putting your SBOM processes on autopilot. VeriBOM creates bi-directional trust through accountability, transparency, and communication for an unlimited number of software applications and customers. You are only as secure as your weakest link and VeriBOM helps you build a reinforced chain.
Remove low value tasks from high value employees
Automated SBOM tools can help to improve the efficiency, security, and compliance of an organization's software development and deployment processes. This can free up high-value employees to focus on more strategic and creative tasks.
Put your software compliance on auto-pilot
Automation is the key to consistency and accuracy. Set up an automated SBOM process for each release to ensure you stay in compliance over the life of your software application.
Build trust between Software Publishers and Security Auditors
Trust requires accountability, transparency, and communication. VeriBOM handles all three using automation through the VB Auditor and VB Publisher SBOM repository.
Mitigate Financial Risks
The most common costs associated with a data breach include investigation and remediation, regulatory fines and penalties, lost customers and revenue, and legal fees.
Key Features
Automation, Collaboration, and Scanning
SBOMs need to be updated in real-time with the industry’s latest knowledge on new vulnerabilities and malicious packages.
Streamline Vulnerability Management
Securely manage who receives your supply chain data and manage updates through automation and a simple web interface at no cost to your customers.
Facilitate Audit Trails
Select from a range of formats, such as CycloneDX and SPDX, and opt to either download and distribute the SBOM independently or have VeriBOM host it on your behalf.
Focus on What's Important
Know what dependencies are in your runtime vs. inventory.
Consolidate Your Supply Chain
Ensure all customers are managed with a standard web interface.
Seamless Integration
Seamlessly integrate with your existing repositories, CI pipelines and workflows, incorporating security expertise into your processes.
Fast
Integrate directly into your pipeline allowing you to generate reports automatically. No need to spend time manually generating reports.
Smart
Automatically detect programming languages and generate Software Bill of Materials with high accuracy and speed - trust that your software supply chain is secure.
Code
Security
Your IP source code is securely handled by VeriBOM.
Features with Premium License
SBOM Management
-
Organization & User authentication
-
Basic Publisher Dashboard
-
Connection Management
-
Product & Project Management
-
SBOM Generation and Publishing
-
Roles & Permissions
-
Contact Management
-
Dashboard for Publisher & Auditor
-
SBOM Enrichment Service
-
Dependency Detection & Visualization
SBOM Generation Sources
-
Source Code (Zip/Tar)
-
SCM Integration (GitHub)
-
Container Image as Source
-
CI/CD Integration (TeamCity, Jenkins)
Language Support
-
Python, Java, JavaScript, Ruby, PHP, GO, Groovy , Rust, Perl, Dart, Android , Objective C, C#
Integration & Insights
-
Basic Search
-
Knowledge Center - MVP
SBOM Distribution
-
SBOM Manual Export (SPDX)
-
SBOM File Export (CycloneDX, SWID)
-
Partner Portal – Bare Minimum
-
SBOM Import (Manual & API)
-
SBOM Export (API)
Reporting & Notifications
-
Basic Notifications related to SBOM
-
New SBOM Generation
-
New Connection Request
​
Advanced Features
-
Signing & Attestations
VeriBOM Process
Create
Generate a comprehensive and highly detailed inventory of all code dependencies, regardless of how deep they go, and produce a Software Bill of Materials (SBOM) for any historical version of your software, not just the present one.
Import
Utilize SBOMs to gain insights and manage licensing and security risks associated with your third-party software.
Export
Select from a range of formats, such as CycloneDX and SPDX, and opt to either download and distribute the SBOM independently or have VeriBOM host it on your behalf.
Automate
Ensure your SBOMs are always up to date using VeriBOM’s automatic update feature, and centralize the management of all SBOMs, including those from third-party sources, in a single location.