Legal and Policy

A consistent mantra of the Software Bill Of Materials (SBOM) ballyhoo is that various government entities around the world have mandated SBOMs in various different places. From USA POTUS Executive Orders, to EU Directives, to USA NIST whitepapers — it's often been repeated that these various sources mandate SBOMs as a mandatory requirement.

Let's do a deep dive into the source material and find out what these various orders and directives actually say, and figure out what's really mandated.