SBOM

A structured inventory of all components, libraries, and dependencies in a software product -- the ingredient list for software. Executive Order 14028 made SBOMs a requirement for software sold to the US government. In M&A diligence, an SBOM tells you what open-source components are in the target's product, what licenses apply, and where known vulnerabilities exist. Without one, you're buying a black box.