# Living the SBOM Life Real Benefits for Compliance
> [!note]-
> The content of this page is generated by audio/video transcription and text transformation from the content and links of this source.
Source: [https://fosdem.org/2025/schedule/event/fosdem-2025-5859-living-the-sbom-life-the-good-the-bad-and-the-evil-parts/](https://fosdem.org/2025/schedule/event/fosdem-2025-5859-living-the-sbom-life-the-good-the-bad-and-the-evil-parts/)
<video src="https://video.fosdem.org/2025/k1105/fosdem-2025-5859-living-the-sbom-life-the-good-the-bad-and-the-evil-parts.av1.webm" controls></video>
## Summary & Highlights:
The session "Living the SBOM life - the good, the bad and the evil parts" at FOSDEM 2025 explores the role of Software Bills of Materials (SBOMs) in improving software transparency, compliance, and risk management. Olle E. Johansson, along with Anthony Harrison, discusses the current state, the challenges, and the potential of SBOMs as tools for open source license compliance, vulnerability management, and more. The session emphasizes the need for collaboration and community involvement to close the remaining gaps and make SBOMs genuinely useful in practice.
**Introduction to SBOMs**
SBOMs are highlighted as crucial tools for ensuring open source license compliance and managing software vulnerabilities. The session outlines the simplicity of SBOM syntax and the gaps that need addressing to realize their full potential. SBOMs are positioned as essential for maintaining a secure and compliant software environment.
**Current Challenges and Potential of SBOMs**
The session identifies the challenges in adopting SBOMs, such as inconsistent component naming conventions (which make it unreliable to match an SBOM entry to the corresponding record in a vulnerability database) and vulnerability databases that are themselves incomplete. It also explores the potential of SBOMs in various sectors, including the medical industry, where they are already mandated. The need for standardized APIs to exchange SBOMs and related data, and for better integration with existing systems, is emphasized as a precondition for SBOMs becoming useful beyond compliance paperwork.
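The naming problem above is easy to underestimate until you try to match an SBOM against advisories. The following script is an added illustration written for this page, not code from the talk or from any SBOM project: it parses a constructed CycloneDX-style JSON SBOM in which the same upstream OpenSSL release appears twice under different names and package URLs (purls), plus one component with no purl at all, and matches it against a constructed advisory list (the advisory identifiers are placeholders, not real CVEs). Exact purl-string matching finds nothing; a normalized match on lowercase name plus upstream version finds all three. The purl parser and the version handling are simplified assumptions for the example, not a full implementation of either specification.

```python
"""Added example: why inconsistent component naming breaks SBOM vulnerability matching.

SBOM and advisories below are constructed for this example (not real data).
"""
import json

# Constructed CycloneDX-shaped SBOM: the first two entries are the same upstream
# OpenSSL release, once as a generic purl with mixed case, once as a Debian package.
SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "OpenSSL", "version": "3.0.13",
         "purl": "pkg:generic/OpenSSL@3.0.13"},
        {"type": "library", "name": "openssl", "version": "3.0.13-1~deb12u1",
         "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64"},
        {"type": "library", "name": "libxml2", "version": "2.9.14"},  # no purl
    ],
})

# Constructed advisories with placeholder ids. "affected_purls" is what a naive
# exact-string matcher would use; "range" is [lo, hi) on the upstream version.
ADVISORIES = [
    {"id": "ADV-EXAMPLE-1", "name": "openssl",
     "affected_purls": ["pkg:generic/openssl@3.0.13"], "range": ("3.0.0", "3.0.14")},
    {"id": "ADV-EXAMPLE-2", "name": "libxml2",
     "affected_purls": ["pkg:generic/libxml2@2.9.14"], "range": ("2.9.0", "2.10.0")},
]


def parse_purl(purl):
    """Split a purl into type/namespace/name/version/qualifiers (simplified; subpaths ignored)."""
    if not purl.startswith("pkg:"):
        raise ValueError("not a purl: %r" % purl)
    rest = purl[4:]
    qualifiers = {}
    if "?" in rest:
        rest, query = rest.split("?", 1)
        qualifiers = dict(kv.split("=", 1) for kv in query.split("&") if "=" in kv)
    version = None
    if "@" in rest:
        rest, version = rest.rsplit("@", 1)
    parts = rest.split("/")
    return {"type": parts[0], "namespace": "/".join(parts[1:-1]) or None,
            "name": parts[-1], "version": version, "qualifiers": qualifiers}


def upstream_version(version):
    """Drop a distro epoch ('1:') and packaging revision ('-1~deb12u1') to get the upstream version."""
    without_epoch = version.split(":", 1)[-1]
    return without_epoch.split("-", 1)[0]


def version_tuple(version):
    """Crude dotted-numeric ordering; non-numeric parts count as 0 (assumption for the example)."""
    return tuple(int(p) if p.isdigit() else 0 for p in version.split("."))


def component_identity(component):
    """Normalized (lowercase name, upstream version); falls back to name/version when purl is absent."""
    if component.get("purl"):
        p = parse_purl(component["purl"])
        name, version = p["name"], p["version"] or component.get("version", "")
    else:
        name, version = component["name"], component.get("version", "")
    return name.lower(), upstream_version(version)


def load_components(sbom_json):
    return json.loads(sbom_json).get("components", [])


def match_exact_purl(components, advisories):
    """Naive matcher: a hit only if the SBOM purl string equals an advisory purl string."""
    return [(c["name"], adv["id"]) for c in components for adv in advisories
            if c.get("purl") in adv["affected_purls"]]


def match_normalized(components, advisories):
    """Normalized matcher: lowercase name plus upstream version inside the advisory range."""
    hits = []
    for c in components:
        name, version = component_identity(c)
        v = version_tuple(version)
        for adv in advisories:
            lo, hi = adv["range"]
            if name == adv["name"] and version_tuple(lo) <= v < version_tuple(hi):
                hits.append((c["name"], adv["id"]))
    return hits


if __name__ == "__main__":
    comps = load_components(SBOM_JSON)
    print("exact purl matches:", match_exact_purl(comps, ADVISORIES))
    print("normalized matches:", match_normalized(comps, ADVISORIES))
```

The normalization here is deliberately crude and cuts both ways: lowercasing and stripping distro suffixes recovers the two OpenSSL entries, but it would also conflate unrelated projects that happen to share a name across ecosystems, and it ignores that Debian backports fixes without bumping the upstream version. That is exactly why agreed naming (a purl per ecosystem, with namespace and qualifiers) and version-aware advisory data matter more than the matcher's cleverness.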
**Community Involvement and Future Directions**
Johansson calls for increased community involvement in developing and standardizing SBOMs. The session introduces Project Koala, an initiative to create a standardized Transparency Exchange API, and encourages participants to contribute. The importance of collaboration in overcoming technical and legislative hurdles is stressed.
**Conclusion and Call to Action**
The session concludes with a call to action for the open source community to engage in the SBOM movement. By participating in projects and contributing to standards development, individuals can help advance software transparency and compliance, ultimately contributing to a more sustainable and secure software ecosystem.
## Importance for an eco-social transformation
SBOMs play a vital role in eco-social transformation by promoting transparency and accountability in software development. They help identify and mitigate risks associated with software vulnerabilities, contributing to a more secure and sustainable digital environment. For eco-social designers, SBOMs offer tools for ensuring compliance with open source licenses and managing supply chain risks. Challenges include the need for standardized naming conventions and comprehensive vulnerability databases. Socially, SBOMs can empower communities to better understand and manage the software they rely on, fostering a culture of openness and collaboration. Politically, the alignment of SBOM practices with legislative requirements like the Cyber Resilience Act is crucial for widespread adoption.
## Links
[SBOM Europe](https://sbom-europe.org) - A platform for SBOM initiatives in Europe
[OWASP CycloneDX Transparency Exchange API](https://owasp.org/www-project-cyclonedx/) - Information on the CycloneDX project and its API
[Video recording (AV1/WebM)](https://video.fosdem.org/2025/k1105/fosdem-2025-5859-living-the-sbom-life-the-good-the-bad-and-the-evil-parts.av1.webm) - Watch the session recording in AV1/WebM format
[Video recording (MP4)](https://video.fosdem.org/2025/k1105/fosdem-2025-5859-living-the-sbom-life-the-good-the-bad-and-the-evil-parts.av1.mp4) - Watch the session recording in MP4 format
[Video recording subtitle file (VTT)](https://video.fosdem.org/2025/k1105/fosdem-2025-5859-living-the-sbom-life-the-good-the-bad-and-the-evil-parts.vtt) - Subtitle file for the session video