This NSA guidance for SBOM implementation to help companies improve cybersecurity protections for the software supply chain is far superior to previous documents published by the ESF initiative under NSA.
Well done NSA, very practical and achievable recommendations to implement SBOM and reap its benefits for cyber-risk management. This set of NSA recommendations aligns well with previous guidance provided here on Energy Central.
Watch out for those CISA KEV's, they can ruin your day, in short order!