<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Finding #7: 78% of organizations are already using SBOMs for application development or have plans to in the next year

Chris Grams
by Chris Grams
on May 26, 2022

Updated on June 16, 2022

Don't miss the latest from Tidelift

In December of 2021, Tidelift fielded our annual survey of technologists who use open source to build applications at work. Nearly 700 people shared how they use open source software today, what holds them back, and what tools and strategies help them use it even more effectively.

In this post, we share the last of seven key findings. If you want to have all of the results in one place, you can download the full survey report right now at the link below.

Download Survey


In our previous finding, we shared how the White House executive order on cybersecurity accelerated a conversation that was already happening in many organizations about the importance of creating and maintaining accurate software bills of materials (SBOMs).

As part of this year’s survey, we wanted to understand more about how organizations are using SBOMs today. So we asked a follow up question to respondents who indicated they were familiar with the White House executive order on cybersecurity.

The vast majority of these respondents (78%) reported that they are already using SBOMs in some way or have plans to in the next year. Almost half (46%) already use them for a few, most, or all applications, while an additional 18% are piloting or actively evaluating in test environments. Only 22% of respondents have no plans to use SBOMs.


In the largest organizations with over 10,000 employees, an even higher percentage of respondents (84%) are actively using SBOMs or have plans to in the next year.

Meanwhile, 28% of the smallest organizations have no plans to use SBOMs, as compared to 16% in the largest organizations.


We hope you found some useful and actionable information in this blog post. If you’d like to get notified as future posts and surveys come out, please sign up for our blog digest here. Or if you want to see all of the results in one place, download the full survey results today!

New call-to-action