DORA
SBOM and DORA
The EU DORA strongly emphasizes robust ICT risk management frameworks including tracking third-party and open-source libraries simplified by SBOM.
Get Started.png)
The EU DORA strongly emphasizes robust ICT risk management frameworks including tracking third-party and open-source libraries simplified by SBOM.
Get Started
The European Union's Digital Operational Resilience Act (DORA) emphasizes strengthening IT security for financial entities through the coverage of ICT risk management, third-party risk management, resilience testing, incident reporting, information sharing and oversight of third-party providers.
DORA requires tracking 'third-party libraries, including open-source' whether developed internally or by a third-party service provider. This is most easily tracked and managed by machine-readable SBOM - for all types of software components, including open source.
DORA Article 10 also requires for any included component 'monitor the version and possible updates of the third-party libraries, including open-source libraries'. This reinforces that instead of a passive checklist, the intent of the regulation is active monitoring of software components for underlying risks - most easily achieved by SBOM integrated with SDLC.
DORA Article 19 also mandates resilience testing and incident response capabilities. SBOMs are designed to minimize response times for zero-day vulnerabilities by tracking software components and their associated vulnerabilities.
Interlynk SBOM Automation Platform is for building products securely, streamlining compliance and eliminating manual steps. Our solution is designed to be cost-effective and efficient, saving you valuable time and resources.
See it in Action
