Supply Chain Security

An SBOM and vulnerability management guide for software supply chain security.

Here to Submit an SBOM?

If you are a supplier delivering software to SK Telecom, start right away with the Supplier Guide. Submission takes four steps.

  1. Check the requirements in the Supplier Guide.
  2. Generate the SBOM following How to Generate an SBOM, choosing a tool such as BomLens. For a commercial finished product made by a third party, obtain the SBOM from the manufacturer and submit it.
  3. Check it against the Validation Checklist before submitting.
  4. Submit it following the Submission Process.

New to Supply Chain Security?

As regulations tighten in the United States and Europe, SBOM (Software Bill of Materials) management and systematic vulnerability response have become essential. To learn the background step by step, we recommend the following order.

  1. What Is Supply Chain Security?: Explains supply chain attack cases, why security matters, the global regulatory landscape, and SK Telecom’s policy.
  2. What Is an SBOM?: Covers SBOM concepts and standards (SPDX, CycloneDX).

Contact

If you have any questions regarding supply chain security, please refer to the following.


Supplier SBOM Submission Guide

An SBOM generation and submission guide for partner companies that supply software to SK Telecom.

Software Supply Chain Attacks and the Need for Security

Introduces the importance of software supply chain security, recent threat trends, and the essential strategies for defending against them.

What Is an SBOM?

Guides developers and administrators through the core concepts of an SBOM and the industry standards.