BlueVoyant, the leader in integrated cybersecurity, has officially announced the launch of its Software Bill of Materials (SBOM) management offering, which is designed to help organizations reduce risk related to software.
According to certain reports, the solution does this by automating the ingestion, analysis, and tracking of software component information from third-party software vendors.
The launch enhances Supply Chain Defense, BlueVoyant’s next-generation third-party cyber risk management solution, which continuously monitors suppliers, vendors, and other third parties and collaborates with them to quickly remediate threats.
Not just that, BlueVoyant’s SBOM solution is also supported by a partnership with Manifest, a cybersecurity company best known for securing software supply chains for corporate and government entities.
To understand the significance of such a development, though, we must take into account the latest Open Source Software Risk Analysis (OSSRA) report, which revealed that more than 85% of applications contain at least one software vulnerability.
Despite such high risk prevalence, though, many organizations still don’t quite have the required visibility into software design or an efficient way to assess and manage third-party SBOM information, something which often leaves them exposed to breaches, business interruption, and regulatory compliance issues.
Against that, thanks to the BlueVoyant-Manifest SBOM solution, security teams can proactively gain comprehensive insights into software risk exposure and other dependencies that their businesses may be unwittingly relying upon.
“By combining Manifest’s depth of experience in SBOM with BlueVoyant’s holistic Supply Chain Defense, clients get continuous monitoring and remediation to solve their biggest third-party cybersecurity challenges,” said Marc Frankel, CEO and co-founder, Manifest.
Looking at the value proposition in more detail, we begin with a capability focused on vendor risk management. It automatically solicits SBOMs from vendors while assessing intuitive risk levels for vendor products before incorporating them into comprehensive third-party cyber risk management.
Next up, there is a promise of smarter vulnerability management. Here, BlueVoyant’s latest offering prioritizes vulnerabilities quickly and triages issues to reduce false positives and avoid unnecessary mitigation work.
Users can also expect an assortment of Open Source Software (OSS) risk management capabilities that allow them to build an enterprise-wide inventory of OSS across first- and third-party products. On top of that, these capabilities let them scan OSS repositories to assess risk before implementing them.
Then there is the potential for simplified compliance. The solution facilitates compliance and, at the same time, provides evidence for international regulations and standards such as R155, Executive Order 14028, Section 524B, and the European Cyber Resilience Act.
Among other things, we ought to mention how BlueVoyant’s latest innovation builds upon the successes of its Supply Chain Defense solution, which has already secured multiple industry awards. For instance, this year it was named a winner in the Cybersecurity Excellence Awards for Supply Chain and a finalist in the SC Awards for Best Supply Chain Security.
Beyond that, it has also been recognized in the 2025 Gartner® Market Guide for Third-Party Risk Management Technology Solutions published in May 2025.
Founded in 2017, BlueVoyant has risen through the ranks by offering a comprehensive cloud-native security operations platform that provides real-time threat monitoring for networks, endpoints, and supply chains, even covering the uncertain space of the clear, deep, and dark web. The company is currently trusted by more than 1,000 clients globally. It was also named the 2024 Microsoft Worldwide Security Partner of the Year.
“Organizations in the private and public sectors are realizing that SBOM visibility is a crucial part of a proactive third-party cyber risk management program,” said Joel Molinoff, global head of Supply Chain Defense, BlueVoyant. “By enhancing BlueVoyant’s Supply Chain Defense with Manifest’s SBOM capabilities, our clients are expanding their risk visibility deeper into the software supply chain and ensuring continuous monitoring and remediation of critical threats.”