---
type: "term"
title: "SBOM (Software Bill of Materials)"
description: "A formal, machine-readable inventory of all software components, libraries, and dependencies used in a software product."
resource: "tlctc:term:sbom-software-bill-of-materials"
tags:
  - "glossary"
---
# SBOM (Software Bill of Materials)

A formal, machine-readable inventory of all software components, libraries, and dependencies used in a software product. In TLCTC: SBOM is a critical control for `#10 Supply Chain Attack` — it enables organizations to identify and track third-party components, verify their integrity, and rapidly assess exposure when vulnerabilities are discovered in dependencies.

See also: Supply Chain Attack (#10), SCA, Third-Party Trust Link
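
The exposure check and integrity check described above, as an added example that is not part of the TLCTC glossary. The SBOM uses CycloneDX JSON field names, but the package names, the advisory and the artifact bytes are constructed, and versions are assumed to be plain dotted numbers.

```python
import hashlib

GOOD = b"examplelib-2.3.1 release bytes (constructed)"  # stand-in for a real artifact

# Constructed SBOM: CycloneDX JSON field names, made-up components.
SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"name": "examplelib", "version": "2.3.1", "purl": "pkg:pypi/examplelib@2.3.1",
         "hashes": [{"alg": "SHA-256", "content": hashlib.sha256(GOOD).hexdigest()}]},
        {"name": "otherlib", "version": "1.0.0", "purl": "pkg:pypi/otherlib@1.0.0"},
        {"name": "examplelib", "version": "2.4.0", "purl": "pkg:pypi/examplelib@2.4.0"},
    ],
}
# Constructed advisory: affected from 2.0.0 up to, but not including, 2.4.0.
ADVISORY = {"id": "EXAMPLE-0001", "name": "examplelib", "introduced": "2.0.0", "fixed": "2.4.0"}


def vtuple(version):
    """Parse a dotted numeric version; real ecosystems need their own version rules."""
    return tuple(int(p) for p in version.split("."))


def exposed(sbom, advisory):
    """Return purls of components that fall inside the advisory's affected range."""
    lo, hi = vtuple(advisory["introduced"]), vtuple(advisory["fixed"])
    return [c["purl"] for c in sbom.get("components", [])
            if c["name"] == advisory["name"] and lo <= vtuple(c["version"]) < hi]


def verify(sbom, purl, data):
    """True only if the SBOM records a SHA-256 for purl and it matches data."""
    digest = hashlib.sha256(data).hexdigest()
    for c in sbom.get("components", []):
        if c.get("purl") == purl:
            return any(h["alg"] == "SHA-256" and h["content"].lower() == digest
                       for h in c.get("hashes", []))
    return False  # component not in the inventory: fail closed


if __name__ == "__main__":
    print("exposed:", exposed(SBOM, ADVISORY))
    print("intact:", verify(SBOM, "pkg:pypi/examplelib@2.3.1", GOOD))
    print("tampered:", verify(SBOM, "pkg:pypi/examplelib@2.3.1", GOOD + b"x"))
```

A component with no recorded hash, or one missing from the inventory, fails verification rather than passing by default.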
