US Agencies Release Security Guidance on Managing SBOMs and Open Source Software

The report provides guidance on open source software adoption, including criteria for selection, risk assessment, licensing, export control, maintenance, vulnerability response, and secure software delivery.