Case Study: VMware achieves SBOM compliance for 100+ services with Endor Labs

VMware Achieves SBOM Compliance for Over 100 Services with Endor Labs

VMware's Global InfoSec Compliance team was faced with the massive challenge of building a scalable and repeatable process to collect, verify, and attest to Software Bill of Materials (SBOMs) from all internal business units and external vendors. This was a complex undertaking driven by an executive order, and the team needed a solution to centrally manage thousands of SBOMs, ensure their integrity, and gain visibility into associated risks.

By implementing Endor Labs, VMware gained a solution that automatically analyzes and ensures the integrity of SBOMs at scale. The platform's support for generating and annotating VEX documents was a key factor. This allowed the team to ingest and centrally manage SBOMs for over 100 services, continuously monitor for new risks, and quickly make remediation decisions, saving significant time and providing the assurance needed for executive attestation.

VMWare