Case Study: F5 automates SBOM generation and management with FOSSA

How F5 NGINX Automates SBOM Generation and Management

F5, a global leader in application services and security, needed to build a best-in-class SBOM program to meet government compliance requirements, improve software supply chain security, and support open source vulnerability and license management. The company also wanted to automate SBOM creation across its complex development workflows. F5 chose FOSSA to help power its SBOM program.

Using FOSSA’s dashboard, CLI, API, and CI pipeline integrations, F5 automated nightly SBOM generation and SBOMs for each release, with SPDX JSON as its chosen format. FOSSA also supported container scans and automated SBOM downloads, reducing manual work and helping F5 keep SBOMs current for customers and internal security teams.

F5

Girish Shivanna

Principal Security Engineer