Software programs today can be likened to complex stews with multiple ingredients sourced from disparate places. Open-source tools are a major ingredient, comprising 70% of code overall, according to the 2020 Open Source Security and Risk Analysis report. DevSecOps teams must maintain and monitor the third-party components that make up modern software, and a software bill of materials (SBOM) helps with this work.

The concept of SBOMs has recently come into prominence due to events such as attacks on companies' software supply chains, the SolarWinds hack, and the May 2021 U.S. Presidential Executive Order on Improving the Nation's Cybersecurity, which requires software vendors to provide SBOMs to the U.S. federal government.

An SBOM is a list of all components and dependencies in a piece of software, including open source and proprietary software, and it should explicitly state whether any elements are missing from the inventory. The minimum required elements of an SBOM include data fields, automation support, practices and processes, and standards for delivery.

Any organization that produces, purchases, or operates software will benefit from an SBOM, which can help with regulatory compliance, merger and acquisition due diligence, vulnerability remediation, and generating customer loyalty. Misconceptions about SBOMs are common. An SBOM does not have to be exposed publicly, and it is primarily a defensive document used to counter attacks and correct vulnerabilities quickly. The use of SBOMs has additional benefits, including reducing the chance of supply chain attacks, generating customer loyalty, and reducing operational costs.
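As an added example (not code from the original article), the sketch below audits an SBOM for the "data fields" element and for the requirement that missing inventory be stated explicitly. It assumes the NTIA minimum data fields (supplier, component name, version, unique identifier, dependency relationship, SBOM author, timestamp) and CycloneDX JSON field names, neither of which this page spells out; the sample SBOM is constructed.

```python
# Added example: audit a CycloneDX-style SBOM for minimum data fields.
# Assumptions: NTIA minimum data fields, CycloneDX JSON key names.
# SAMPLE_SBOM is constructed for illustration; it describes no real product.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "metadata": {"timestamp": "2024-01-15T10:00:00Z",
                 "authors": [{"name": "build-bot"}]},
    "components": [
        {"bom-ref": "app", "name": "example-app", "version": "1.0.0",
         "supplier": {"name": "Example Corp"},
         "purl": "pkg:generic/example-app@1.0.0"},
        {"bom-ref": "libfoo", "name": "libfoo", "version": "2.3.1",
         "supplier": {"name": "Foo Project"}, "purl": "pkg:pypi/libfoo@2.3.1"},
        # Deliberately incomplete entry: no version, supplier or identifier.
        {"bom-ref": "vendored-blob", "name": "vendored-blob"},
    ],
    "dependencies": [{"ref": "app", "dependsOn": ["libfoo"]},
                     {"ref": "libfoo", "dependsOn": []}],
    # Producer states that the third-party inventory is known to be incomplete.
    "compositions": [{"aggregate": "incomplete_third_party_only",
                      "assemblies": ["app"]}],
}

def audit_sbom(bom):
    """Return (subject, problem) findings; an empty list means every check passed."""
    findings = []
    meta = bom.get("metadata") or {}
    if not meta.get("timestamp"):
        findings.append(("sbom", "missing timestamp"))
    if not (meta.get("authors") or meta.get("tools")):
        findings.append(("sbom", "missing SBOM author"))
    graphed = {d.get("ref") for d in bom.get("dependencies", [])}
    for comp in bom.get("components", []):
        ref = comp.get("bom-ref") or comp.get("name") or "<unnamed>"
        checks = [
            (comp.get("name"), "missing component name"),
            (comp.get("version"), "missing version"),
            ((comp.get("supplier") or {}).get("name"), "missing supplier"),
            (comp.get("purl") or comp.get("cpe"), "missing unique identifier"),
            (comp.get("bom-ref") in graphed, "no dependency relationship recorded"),
        ]
        findings += [(ref, problem) for ok, problem in checks if not ok]
    # Completeness must be declared; anything but "complete" is a stated gap.
    compositions = bom.get("compositions", [])
    if not compositions:
        findings.append(("sbom", "completeness not declared"))
    for c in compositions:
        if c.get("aggregate") != "complete":
            findings.append(("sbom", f"declared gap: {c.get('aggregate')}"))
    return findings
```

A declared gap is reported separately from a missing field because the first is the producer being explicit about what it does not know, while the second is an inventory defect to send back to the supplier.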