Udemy
Basics of SBOM: Software Bill of Materials
Rating: 3.8 out of 5 (2 ratings)
6 students

Learn SBOM basics, software supply chain risks, standards like SPDX and CycloneDX, and tools like Syft and Grype
Created by Haithem Jebali
Last updated 4/2026
English

What you'll learn

  • Understand SBOM Fundamentals
  • Understand Software Supply Chain Security
  • Generate SBOM using Syft
  • Scan SBOMs for vulnerabilities using Grype
  • Learn SBOM Standards and Formats

Course content

7 sections, 33 lectures, 1h 46m total length
  • What is an SBOM? (1:20)
  • Why SBOM matters in modern software (1:39)
  • Real-world supply chain attacks (SolarWinds, Log4Shell) (2:50)
  • SBOM in security, compliance, and DevOps (3:27)
  • Introduction

Requirements

  • No prior knowledge of SBOM is needed.

Description

Understand What’s Inside Your Software — Before Attackers Do

Modern applications are built using hundreds of third-party components.
But do you really know what’s inside your software?

This is where SBOM (Software Bill of Materials) comes in.

In this course, you’ll learn how SBOM brings visibility, security, and compliance to today’s complex software supply chains.

What You’ll Learn

  • What an SBOM is and why it matters

  • How modern software supply chains work

  • The risks of dependencies and third-party components

  • Real-world attacks like the SolarWinds hack and the Log4Shell vulnerability

  • Key SBOM standards:

    • SPDX

    • CycloneDX

    • SWID

  • How SBOM supports compliance with:

    • Executive Order 14028

    • EU Cyber Resilience Act

  • How to generate SBOM using Syft for:

    • JavaScript

    • Java

    • Python

    • Docker Containers

  • How to scan SBOMs for vulnerabilities using Grype

Why This Course Matters

Software supply chain attacks are rising—and organizations are under pressure to:

  • Improve transparency

  • Manage vulnerabilities faster

  • Meet regulatory requirements

Who This Course Is For

  • Developers wanting to understand security risks

  • DevOps and IT professionals

  • Anyone interested in software supply chain security

Requirements

  • Basic computer knowledge

  • No prior SBOM or security experience needed

Real-World Impact

By the end of this course, you’ll understand:

  • How companies detect vulnerabilities faster

  • How governments enforce software transparency

  • Why SBOM is becoming a global standard

Who this course is for:

  • IT Managers & Compliance Professionals
  • Anyone Interested in Software Supply Chain Security
  • Beginners in cybersecurity