Company:
Date Published:
Author: Gareth Rushgrove
Word count: 829
Language: English
Hacker News points: None

Summary

The SPDX project aims to standardize how software bills of materials (SBOMs) are defined and provided, using a machine-readable format that the industry can build tooling around to solve supply chain problems. This is increasingly helpful in addressing software security challenges, as is evident in U.S. President Biden's recent executive order on improving the nation's cybersecurity. Snyk integrates with various package managers and developer tools to identify vulnerabilities in software components, and in doing so has effectively built an SBOM under the hood: it normalizes lists of software components and enriches them with metadata from other sources. The company is working closely with the Linux Foundation to improve the SPDX standard and expand the ecosystem of tools, as SBOMs are expected to play a key role in addressing wider software supply chain security issues.