Gartner Hype Cycle for Application Security, 2024
"SBOMs aim to solve a fundamental problem with sharing open-source and third-party software" according to Gartner®.
"While organizations can use the same components, it's inefficient to duplicate efforts around tracking vulnerabilities and analyzing compliance violations. SBOM standards such as Software Package Data Exchange (SPDX) and CycloneDX establish a common infrastructure and a data exchange format to share details about software packages. This standardization reduces time to remediate issues through better collaboration between organizations."
Today’s connected devices bring powerful capability—and hidden supply chain risks—through the software and firmware they rely on. This is where Software Bills of Materials (SBOMs) become essential.
SBOMs provide the transparency needed to manage shared open-source and third-party software. By cataloging every component and its version, an SBOM lets an organization identify and track vulnerabilities, detect license and compliance issues, and act on them proactively across the product lifecycle.
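To make the cataloging point concrete, here is an added example (not code from the original page or from Gartner) that consumes a small CycloneDX JSON SBOM in the way a firmware team would: it parses the component list, matches each component's package URL (purl) against an advisory feed, and flags components whose declared SPDX license falls outside a policy allowlist. The SBOM, the advisory identifiers (ADV-0001, ADV-0002) and the license allowlist are all constructed sample data, not a real product inventory or real advisories.

```python
"""Minimal SBOM consumer: parse a CycloneDX JSON document, then cross-reference
its components against a vulnerability feed and a license policy.

All data below is constructed for illustration: the SBOM is not a real product
inventory and the ADV-* identifiers are placeholders, not real CVE numbers.
"""
import json
from typing import Any

# Constructed sample CycloneDX 1.5 JSON SBOM with three firmware components.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "version": 1,
    "components": [
        {"type": "library", "name": "zlib", "version": "1.2.11",
         "purl": "pkg:generic/zlib@1.2.11",
         "licenses": [{"license": {"id": "Zlib"}}]},
        {"type": "library", "name": "openssl", "version": "1.1.1k",
         "purl": "pkg:generic/openssl@1.1.1k",
         "licenses": [{"license": {"id": "OpenSSL"}}]},
        {"type": "library", "name": "readline", "version": "8.1",
         "purl": "pkg:generic/readline@8.1",
         "licenses": [{"license": {"id": "GPL-3.0-only"}}]},
    ],
})

# Constructed advisory feed keyed by purl. Note the zlib entry names a version
# that is NOT in the SBOM, so exact matching must not report it.
SAMPLE_ADVISORIES = [
    {"id": "ADV-0001", "purl": "pkg:generic/openssl@1.1.1k", "severity": "high"},
    {"id": "ADV-0002", "purl": "pkg:generic/zlib@1.2.8", "severity": "medium"},
]

# Hypothetical license policy for an image that must not ship copyleft code.
ALLOWED_LICENSES = {"MIT", "BSD-2-Clause", "BSD-3-Clause", "Apache-2.0",
                    "Zlib", "OpenSSL"}


def parse_cyclonedx(text: str) -> list[dict[str, Any]]:
    """Return the component list of a CycloneDX JSON SBOM; reject other formats."""
    bom = json.loads(text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return bom.get("components", [])


def component_licenses(component: dict[str, Any]) -> list[str]:
    """Collect license ids (or free-text names) declared on one component."""
    ids = []
    for entry in component.get("licenses", []):
        lic = entry.get("license", {})
        if "id" in lic:
            ids.append(lic["id"])
        elif "name" in lic:
            ids.append(lic["name"])
    return ids


def find_vulnerable(components: list[dict[str, Any]],
                    advisories: list[dict[str, Any]]) -> list[tuple[str, str]]:
    """Match components to advisories by exact purl; return (name, advisory id) pairs."""
    by_purl = {a["purl"]: a for a in advisories}
    hits = []
    for c in components:
        purl = c.get("purl")
        if purl in by_purl:
            hits.append((c["name"], by_purl[purl]["id"]))
    return hits


def find_license_violations(components: list[dict[str, Any]],
                            allowed: set[str]) -> list[str]:
    """Return names of components declaring no license or one outside the allowlist."""
    violations = []
    for c in components:
        ids = component_licenses(c)
        if not ids or any(i not in allowed for i in ids):
            violations.append(c["name"])
    return violations


def audit(sbom_text: str) -> dict[str, list]:
    """Run both checks over an SBOM and return the findings."""
    components = parse_cyclonedx(sbom_text)
    return {
        "vulnerable": find_vulnerable(components, SAMPLE_ADVISORIES),
        "license_violations": find_license_violations(components, ALLOWED_LICENSES),
    }


if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_SBOM), indent=2))
```

Running it reports openssl as affected by ADV-0001 and readline as a license violation; the zlib advisory is not reported because the SBOM carries 1.2.11, not 1.2.8. Exact purl matching is deliberately conservative: real advisory feeds express affected version ranges, so a production consumer needs version-range comparison on top of this, otherwise it will miss vulnerable components whose exact version string is not listed.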
In the 2024 Hype Cycle™ for Application Security, Gartner® highlights the transformative impact of SBOMs as a necessity for modern manufacturing environments where security and agility must coexist.
Gartner®, Hype Cycle™ for Application Security, 2024, 24 July 2024, pp. 31-35. By Dionisio Zumerle
GARTNER is a registered trademark and service mark of Gartner® and Hype Cycle™ is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner® does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner® research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner® disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.