https://intellixbom.com/tags/cyclonedx/Recent content in CycloneDX on IntelliXBOMHugoen-usThu, 09 Apr 2026 12:00:00 +0530https://intellixbom.com/blog/dont-trust-vendor-sbom-certin/Thu, 09 Apr 2026 12:00:00 +0530https://intellixbom.com/blog/dont-trust-vendor-sbom-certin/<p>Regulators across the world are finally getting serious about the software supply chain. India&rsquo;s CERT-In SBOM Technical Guidelines (v2.0, July 2025) go beyond just SBOMs they extend to a broader BOM ecosystem, including CBOM, QBOM, AIBOM, and HBOM. This makes the requirement not just about software components, but about understanding the full composition of modern systems.</p> <p>Globally, the direction is the same whether it&rsquo;s the US Executive Order 14028, the EU Cyber Resilience Act, RBI Advisory 11/2024, or MeitY&rsquo;s 2025 guidelines.</p>https://intellixbom.com/blog/beyond-sca-runtime-bom/Wed, 09 Jul 2025 10:00:00 +0530https://intellixbom.com/blog/beyond-sca-runtime-bom/<blockquote> <p><strong>Your SBOM is only telling you half the story here&rsquo;s what it&rsquo;s missing</strong></p> </blockquote> <hr> <p>Somewhere in your production environment right now, code is running that your SBOM doesn&rsquo;t capture. A library is loaded that never made it into your inventory. A cryptographic routine is executing without ever being audited. An AI model serves requests from an untracked registry. Meanwhile, your SCA tool the one behind that reassuring green dashboard has no visibility into any of it.</p>