{"id":864,"date":"2025-05-09T22:37:46","date_gmt":"2025-05-10T03:37:46","guid":{"rendered":"https:\/\/stagefoursecurity.com\/blog\/?p=864"},"modified":"2025-05-09T22:37:46","modified_gmt":"2025-05-10T03:37:46","slug":"sbom-and-dependency-hygiene","status":"publish","type":"post","link":"https:\/\/stagefoursecurity.com\/blog\/2025\/05\/09\/sbom-and-dependency-hygiene\/","title":{"rendered":"SBOM and Dependency Hygiene"},"content":{"rendered":"<article>\n<header>\n<h1>\ud83d\udcc4 Dependency Hygiene and SBOMs: Your Software Needs a Bill of Materials<\/h1>\n<p><em>By James K. Bishop, vCISO | Founder, <a href=\"https:\/\/stagefoursecurity.com\" target=\"_blank\" rel=\"noopener\">Stage Four Security<\/a><\/em><\/p>\n<\/header>\n<section><a href=\"https:\/\/stagefoursecurity.com\/blog\/wp-content\/uploads\/2025\/05\/Supply-Chain-SBOMs.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignright wp-image-878\" src=\"https:\/\/stagefoursecurity.com\/blog\/wp-content\/uploads\/2025\/05\/Supply-Chain-SBOMs-300x200.png\" alt=\"\" width=\"400\" height=\"267\" srcset=\"https:\/\/stagefoursecurity.com\/blog\/wp-content\/uploads\/2025\/05\/Supply-Chain-SBOMs-300x200.png 300w, https:\/\/stagefoursecurity.com\/blog\/wp-content\/uploads\/2025\/05\/Supply-Chain-SBOMs-1024x683.png 1024w, https:\/\/stagefoursecurity.com\/blog\/wp-content\/uploads\/2025\/05\/Supply-Chain-SBOMs-768x512.png 768w, https:\/\/stagefoursecurity.com\/blog\/wp-content\/uploads\/2025\/05\/Supply-Chain-SBOMs.png 1536w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/a>Ask a developer what\u2019s in their app, and they\u2019ll tell you what they wrote. But most modern apps contain 70\u201390% third-party code\u2014dependencies, libraries, and transitive packages pulled from the internet. 
And that code is a black box unless you\u2019re tracking it.<\/p>\n<p>This post shows how to practice better dependency hygiene and generate Software Bills of Materials (SBOMs) that bring transparency to your software supply chain.<\/p>\n<\/section>\n<section>\n<h2>\ud83e\uddfc What Is Dependency Hygiene?<\/h2>\n<p>Dependency hygiene is the practice of managing your software\u2019s external components with the same rigor as your own code.<\/p>\n<ul>\n<li><strong>Tracking versions:<\/strong> Pinning and documenting which versions are in use<\/li>\n<li><strong>Auditing sources:<\/strong> Verifying who maintains them and how often they\u2019re updated<\/li>\n<li><strong>Reducing sprawl:<\/strong> Eliminating redundant or unused packages<\/li>\n<li><strong>Assessing risk:<\/strong> Scanning for known CVEs, license risks, and suspicious behavior<\/li>\n<\/ul>\n<\/section>\n<section>\n<h2>\ud83d\udce6 Enter SBOMs: X-Ray Vision for Your Codebase<\/h2>\n<p>A Software Bill of Materials (SBOM) is a structured list of all components in a software system, including:<\/p>\n<ul>\n<li>Direct and transitive dependencies<\/li>\n<li>Version numbers and cryptographic hashes<\/li>\n<li>Licenses and authorship metadata<\/li>\n<li>Package sources (e.g., npm, PyPI, Maven Central)<\/li>\n<\/ul>\n<p>It\u2019s like a parts list for your app\u2014useful for audits, disclosures, and incident response.<\/p>\n<\/section>\n<section>\n<h2>\ud83d\udcca Why SBOMs Matter<\/h2>\n<ul>\n<li>\ud83d\udd0d <strong>Transparency:<\/strong> You can\u2019t defend what you don\u2019t know you\u2019re using<\/li>\n<li>\u26a0\ufe0f <strong>Rapid triage:<\/strong> When a new CVE (e.g., Log4Shell) hits, SBOMs help you know if you\u2019re exposed<\/li>\n<li>\ud83d\udccb <strong>Compliance:<\/strong> Mandated by U.S. 
Executive Order 14028 and growing in global security standards<\/li>\n<li>\ud83c\udfed <strong>Supply chain assurance:<\/strong> Required by many enterprise procurement and third-party risk programs<\/li>\n<\/ul>\n<\/section>\n<section>\n<h2>\ud83d\udee0\ufe0f How to Generate and Use SBOMs<\/h2>\n<ul>\n<li><strong>Tools:<\/strong> CycloneDX, SPDX, Syft, Trivy, Anchore, OWASP Dependency-Track<\/li>\n<li><strong>Integrate into CI\/CD:<\/strong> Generate SBOMs automatically at build time for each release<\/li>\n<li><strong>Store securely:<\/strong> Use artifact repositories or DevSecOps pipelines to version and retain SBOMs<\/li>\n<li><strong>Link to vulnerability scanners:<\/strong> Tie SBOM outputs to SCA tools for real-time risk analysis<\/li>\n<\/ul>\n<\/section>\n<section>\n<h2>\u2699\ufe0f Pro Tips for Dependency Hygiene<\/h2>\n<ul>\n<li>\ud83d\udccc <strong>Use version pinning and lockfiles:<\/strong> Prevent dependency drift<\/li>\n<li>\ud83d\udd01 <strong>Review packages regularly:<\/strong> Prune unused libraries and stale dependencies<\/li>\n<li>\ud83c\udff7\ufe0f <strong>Tag critical dependencies:<\/strong> Track components that process payments, credentials, or PII<\/li>\n<li>\ud83d\udce6 <strong>Prefer smaller, single-purpose libraries:<\/strong> Easier to audit and maintain<\/li>\n<\/ul>\n<\/section>\n<section>\n<h2>\ud83d\udce3 Final Thought<\/h2>\n<p>Modern software is a supply chain. Your code is only as secure as the components it includes\u2014and the clarity you have over them. 
SBOMs aren\u2019t just for regulators\u2014they\u2019re for builders who care about trust, resilience, and traceability in the systems they ship.<\/p>\n<p><strong>Need help generating SBOMs, vetting your dependencies, or integrating tools like CycloneDX and Syft?<\/strong> <a href=\"https:\/\/stagefoursecurity.com\/blog\/partner-with-stage-four-security\/\" target=\"_blank\" rel=\"noopener\">Let\u2019s talk<\/a>.<\/p>\n<\/section>\n<\/article>\n","protected":false}}