Keysight Technologies, Inc. announced the launch of Keysight SBOM Manager, a new solution designed to help organizations meet growing global cybersecurity and software transparency requirements, led by the European Union’s Cyber Resilience Act (CRA). The solution provides a unified approach to generating, managing, and using Software Bill of Materials (SBOMs) for digital products, enabling organizations to meet regulatory obligations with greater accuracy, confidence, and consistency across the product lifecycle.
Cybersecurity regulations worldwide are converging on a common expectation: manufacturers must understand, manage, and disclose the components within their digital products, including software and firmware. Regulations such as the EU CRA, U.S. Executive Order 14028, U.S. Food and Drug Administration (FDA) cybersecurity requirements for medical devices, and emerging frameworks in Asia are making SBOMs a foundational requirement for market access, regulatory approval, and customer trust worldwide.
Keysight SBOM Manager is designed to support this shift by addressing the practical challenges organizations face as SBOM requirements expand. The solution enables broader and more accurate visibility into digital products by analyzing binary software, firmware, containers, and other packaged components, including closed-source and deeply embedded dependencies. It continuously correlates SBOMs with multiple authoritative vulnerability sources, intelligently filters out vulnerabilities that are not applicable, and supports the use of Vulnerability Exploitability eXchange (VEX). This enables teams to focus on meaningful risk rather than being overwhelmed by raw vulnerability data.
Also Read: Userful InfinityAI Enables Unified Situational Awareness Across Cyber, Physical, and Operational Security
In addition, Keysight SBOM Manager supports secure and scalable sharing of SBOMs and vulnerability information through controlled, role-based access and version tracking, helping organizations meet regulatory and customer transparency expectations. Built-in validation and normalization help ensure SBOMs align with evolving standards and regulatory minimum requirements, while support for SBOM consumers enables organizations to ingest, manage, and map SBOMs to deployed digital assets, connecting transparency directly to real operational environments.
Ram Periakaruppan, Vice President and General Manager, Network Test & Security Solutions at Keysight, said: “As cybersecurity regulations mature, SBOMs are becoming a prerequisite for doing business globally. Keysight SBOM Manager helps organizations meet these requirements with confidence by bringing accuracy, consistency, and scalability to SBOM generation and management.”
The EU CRA, which comes into force in 2026, requires manufacturers of connected digital products to implement cybersecurity risk management, maintain SBOMs, and report actively exploited vulnerabilities within 24 hours. Similar expectations are already in place through U.S. Executive Order 14028 and FDA cybersecurity guidance, while regulators in India, Japan, and South Korea are formalizing SBOM requirements across regulated sectors. Failure to comply can result in penalties, delayed approvals, recalls, or restricted market access.
By bringing together accurate SBOM generation for digital products, continuous vulnerability intelligence, secure sharing, data quality assurance, prioritization, and consumer-side visibility in a single platform, Keysight SBOM Manager helps organizations reduce regulatory risk, improve vulnerability response, and build greater trust across global digital supply chains.
Source: BusinessWire