{"id":70889,"date":"2021-11-02T08:18:43","date_gmt":"2021-11-02T12:18:43","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?p=70889"},"modified":"2025-11-13T20:20:32","modified_gmt":"2025-11-13T18:20:32","slug":"sbom-what-it-is-and-why-you-should-care","status":"publish","type":"post","link":"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/","title":{"rendered":"SBOM: What It Is and Why You Should Care"},"content":{"rendered":"<p>Most health-conscious people pay close attention to labels in the grocery store. They want to know what\u2019s in their food before they eat it, and they tend to make choices based on the ingredients, additives, preservatives, nutritional value, etc. The labels, and especially expiration dates, let buyers know if the food is healthy and safe to consume.<\/p>\n\n\n\n<p>In this same way, it\u2019s important to know what\u2019s in your software before using it, so you know its ingredients are safe for your organization to consume. Since most software today is made up of open source components, combined with proprietary code (e.g., business logic) that makes everything work, having a list of all open-source ingredients in the software you consume allows your organization to manage risk more effectively.<\/p>\n\n\n\n<p>Therefore, leaning on what the manufacturing industry calls a \u201cbill of materials\u201d (BOM), we have the software BOM, or SBOM. An SBOM contains an accurate list of all open-source software ingredients found in a software-based product. 
With this in mind\u2014and due to a number of recent and notorious open-source supply chain attacks drawing the attention of security experts, industry advocates, and even the US federal government\u2014the current administration decided to act with regard to SBOMs.<\/p>\n\n\n\n<p>On May 12, 2021, President Biden issued <a href=\"https:\/\/www.federalregister.gov\/executive-order\/14028\" target=\"_blank\" rel=\"noreferrer noopener\">Executive Order 14028<\/a>, \u201cImproving the Nation\u2019s Cybersecurity,\u201d which states: \u201cThe term \u2018Software Bill of Materials\u2019 or \u2018SBOM\u2019 means a formal record containing the details and supply chain relationships of various components used in building software. Software developers and vendors often create products by assembling existing open-source and commercial software components.\u201d<\/p>\n\n\n\n<p>Security experts agree that an initial step toward the EO&#8217;s goal of enhancing software supply chain security is <strong>transparency<\/strong>, and an SBOM is now required for anyone selling software to the US federal government and its agencies. So, do organizations that develop their own software in-house, to be used solely to support their own operations, need SBOMs for their own applications? The answer is likely yes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\">Why an SBOM for the Software You Develop Makes Sense<\/h2>\n\n\n\n<p>In the past, organizations that developed their own software applications primarily did it in-house. Developers and security teams knew the origins of the core components that made up their applications and had full control over the recipe, so to speak. However, this model is no longer acceptable to most organizations, primarily due to time-to-market demands. 
Management and customers alike expect faster and more frequent releases\/updates thanks to their familiarity with some of the media and retail giants that update their applications and release new builds on a daily basis\u2014if not more frequently.<\/p>\n\n\n\n<p>This rapid-release capability is largely owed to more organizations integrating significant amounts of open source into their application stacks. Due to this move, the open-source supply chain, community, and contributors are expanding exponentially. Even a weekly build might pull in loads of open source components that may have been updated by the community since the last version in use, and if developers and security teams don\u2019t allow the updates to be performed within their own applications, they will be deploying builds with potentially known vulnerabilities. If any of your applications import libraries from NPM, Maven Central, or any other registry, then you are using open-source in your codebase.<\/p>\n\n\n\n<p>If you have complete knowledge of what open-source \u201cingredients\u201d are required to build or compile the applications your organization relies on, then you can mitigate a number of risks when trying to improve the security of your applications. Therefore, if a new vulnerability (e.g., CVE) is issued, you can confirm if you are affected by comparing known vulnerable versions against your existing SBOM. If you have matches, you can quickly determine which issues must be resolved before the next build is released.<\/p>\n\n\n\n<p>Ultimately, having a better view of the open-source that your applications depend on will give you a clear view of your own vulnerabilities and associated risks. However, there are quite a few caveats concerning SBOMs that you should be aware of. 
The first is as follows.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-2\">SBOMs Are Not Spreadsheets<\/h2>\n\n\n\n<p>Generating an SBOM report may sound relatively simple, but in most cases, it\u2019s not. As you likely know, modern software projects make use of a long list of third-party open-source packages, each of which often calls on many other packages as dependencies. This can create an extensive tree of dependencies being used by your software in the form of direct dependencies, dependencies of dependencies, and so on. Simply put, trying to create and manage an SBOM using a spreadsheet is nearly impossible, and if you attempt to manage your open-source usage in this fashion, it will likely get out of hand very quickly.<\/p>\n\n\n\n<p>At the end of the day, SBOMs just make sense. Understanding your own risk profile and doing everything possible to effectively manage and reduce your organization\u2019s risk falls into the realm of <em>due care<\/em>, which is defined as, \u201cthe standard of care a reasonable person would exercise in the same situation or under similar circumstances.\u201d If due care is not being upheld, then your organization, your developers, and your security teams could be viewed as negligent.<\/p>\n\n\n\n<p>In the next blog in this SBOM\/Software Supply Chain series, we\u2019ll discuss what an SBOM report should include and highlight the easiest approach to generating a high-quality SBOM report using the <a href=\"https:\/\/checkmarx.com\/cxsca-open-source-scanning\/\" target=\"_blank\" rel=\"noreferrer noopener\">Checkmarx Software Composition Analysis (CxSCA) solution<\/a>.<\/p>\n\n\n\n<p>To see an SBOM being created live, don\u2019t hesitate to request a demo <a href=\"https:\/\/checkmarx.com\/request-a-demo\/\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>.<\/p>\n\n\n\n<p>To learn more, don\u2019t forget to <a href=\"https:\/\/info.checkmarx.com\/webinar\/technical-meetup-series\" 
target=\"_blank\" rel=\"noreferrer noopener\">join our Technical Meetup Series<\/a> to dive into topics like SBOM and open-source libraries. Checkmarx experts Alex Cohen, James Brotsos, and I will walk you through security vulnerabilities you might not even know you had. We\u2019ll also discuss the latest industry trends and application security best practices. It\u2019ll be an interactive discussion, so bring your questions and pick our brains about how to improve your processes.<\/p>","protected":false},"excerpt":{"rendered":"<p>Most health-conscious people pay close attention to labels in the grocery store. They want to know what\u2019s in their food before they eat it, and they tend to make choices based on the ingredients, additives, preservatives, nutritional value, etc. 
The labels, and especially expiration dates, let buyers know if the food is healthy and safe [&hellip;]<\/p>\n","protected":false},"author":15,"featured_media":70891,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[84],"tags":[190,383,178,179,385],"class_list":["post-70889","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-english","tag-sbom","tag-sca","tag-software-composition-analysis","tag-supply-chain-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SBOM: What It Is and Why You Should Care - Checkmarx.com<\/title>\n<meta name=\"description\" content=\"Ultimately, having a better view of the open-source that your applications depend on will give you a clear view of your own vulnerabilities and associated risks. However, there are quite a few caveats concerning SBOMs that you should be aware of.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SBOM: What It Is and Why You Should Care\" \/>\n<meta property=\"og:description\" content=\"Ultimately, having a better view of the open-source that your applications depend on will give you a clear view of your own vulnerabilities and associated risks. 
However, there are quite a few caveats concerning SBOMs that you should be aware of.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-02T12:18:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T18:20:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2021\/11\/shutterstock_1519001843.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Stephen Gates\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"SBOM: What It Is and Why You Should Care\" \/>\n<meta name=\"twitter:description\" content=\"Ultimately, having a better view of the open-source that your applications depend on will give you a clear view of your own vulnerabilities and associated risks. However, there are quite a few caveats concerning SBOMs that you should be aware of.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2021\/11\/shutterstock_1519001843.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Stephen Gates\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\"},\"author\":{\"name\":\"Stephen Gates\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/1ea38abd0315d0956c3c9c173724345b\"},\"headline\":\"SBOM: What It Is and Why You Should Care\",\"datePublished\":\"2021-11-02T12:18:43+00:00\",\"dateModified\":\"2025-11-13T18:20:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\"},\"wordCount\":1001,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2021\/11\/shutterstock_1519001843.jpg\",\"keywords\":[\"English\",\"SBOM\",\"SCA\",\"Software Composition Analysis\",\"SSCS\"],\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\",\"url\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\",\"name\":\"SBOM: What It Is and Why You Should Care - 
Checkmarx.com\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2021\/11\/shutterstock_1519001843.jpg\",\"datePublished\":\"2021-11-02T12:18:43+00:00\",\"dateModified\":\"2025-11-13T18:20:32+00:00\",\"description\":\"Ultimately, having a better view of the open-source that your applications depend on will give you a clear view of your own vulnerabilities and associated risks. However, there are quite a few caveats concerning SBOMs that you should be aware of.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/blog\/sbom-what-it-is-and-why-you-should-care\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2021\/11\/shutterstock_1519001843.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2021\/11\/shutterstock_1519001843.jpg\",\"width\":1024,\"height\":512},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. 
We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/1ea38abd0315d0956c3c9c173724345b\",\"name\":\"Stephen Gates\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_15.png\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_15.png\",\"caption\":\"Stephen Gates\"},\"url\":\"https:\/\/checkmarx.com\/author\/stephen\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/posts\/70889","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/comments?post=70889"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/posts\/70889\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/70891"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=70889"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/categories?post=70889"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/tags?post=70889"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}