Keysight SBOM Generator
技术资料
The Keysight SBOM Generator is a next-generation binary analysis engine that enables organizations to produce highly accurate, regulator-ready Software Bill of Materials (SBOMs) directly from compiled binaries and firmware images without requiring access to source code or build systems. It uses patent-pending binary similarity analysis and code emulation techniques to detect both open-source and closed-source components.
By analyzing the deployed software itself, the Keysight SBOM Generator can identify third-party, closed-source, and open-source components that may be missing from build-time SBOMs, including components introduced during packaging, integration, or OEM supply.
SBOMs are generated in SPDX 2.3 and CycloneDX 1.6 formats, supporting compliance with global cybersecurity and supply chain transparency requirements such as US NTIA CISA guidance, EU CRA, FDA medical device cybersecurity guidance, BSI TR-03183, CERT India SBOM Guidelines, Japan METI, and other regional and industry mandates.
While aligned with SBOM standards, metadata completeness can vary depending on available information from the analyzed binary. In such cases, the Keysight SBOM Generator includes all reliably identifiable details, representing available and missing data in the output.