Keysight Technologies, Inc. Launches SBOM Manager to Help Organizations Prepare for Emerging Global Cybersecurity Regulations

Keysight Technologies, Inc. announced the launch of Keysight SBOM Manager, a new solution designed to help organizations meet growing global cybersecurity and software transparency requirements, led by the European Union?s Cyber Resilience Act (CRA). The solution provides a unified approach to generating, managing, and using Software Bill of Materials (SBOMs) for digital products, enabling organizations to meet regulatory obligations with greater accuracy, confidence, and consistency across the product lifecycle. Keysight SBOM Manager enables organizations to generate, manage, and securely share Software Bills of Materials, improving software transparency and supporting compliance with global cybersecurity regulations.

Keysight SBOM Manager is designed to support this shift by addressing the practical challenges organizations face as SBOM requirements expand. The solution enables broader and more accurate visibility into digital products by analyzing binary software, firmware, containers, and other packaged components, including closed-source and deeply embedded dependencies. It continuously correlates SBOMs with multiple authoritative vulnerability sources, intelligently filters out vulnerabilities that are not applicable, and supports the use of Vulnerability Exploitability eXchange (VEX).

This enables teams to focus on meaningful risk rather than being overwhelmed by raw vulnerability data. In addition, Keysight SBOM Manager supports secure and scalable sharing of SBOMs and vulnerability information through controlled, role-based access and version tracking, helping organizations meet regulatory and customer transparency expectations. Built-in validation and normalization help ensure SBOMs align with evolving standards and regulatory minimum requirements, while support for SBOM consumers enables organizations to ingest, manage, and map SBOMs to deployed digital assets, connecting transparency directly to real operational environments.

The EU CRA, which comes into force in 2026, requires manufacturers of connected digital products to implement cybersecurity risk management, maintain SBOMs, and report actively exploited vulnerabilities within 24 hours. Similar expectations are already in place through U.S. Executive Order 14028 and FDA cybersecurity guidance, while regulators in India, Japan, and South Korea are formalizing SBOM requirements across regulated sectors. Failure to comply can result in penalties, delayed approvals, recalls, or restricted market access.

By bringing together accurate SBOM generation for digital products, continuous vulnerability intelligence, secure sharing, data quality assurance, prioritization, and consumer-side visibility in a single platform, Keysight SBOM Manager helps organizations reduce regulatory risk, improve vulnerability response, and build greater trust across global digital supply chains.