• You are here:  
  • Home
  • Q&A
  • Q&A
  • PowerBuilder
  • Software Bill of Materials (SBOM) for PB 2017 R3 & PB 2019 R3

Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (5)

Resolved Software Bill of Materials (SBOM) for PB 2017 R3 & PB 2019 R3

  1. How-to
0
Votes
Undo
  1. Ilamathi Ravindran
    Ilamathi Ravindran
  2. PowerBuilder
  3. Monday, 8 April 2024 12:15 PM UTC

Hi Team,

 

In order for Infor to comply with the European Union NIS2 directive, we have been asked to request Software Bill of Materials (SBOM) for all of our 3rd Party Products and Appeon’s PowerBuilder is one of those products.  Would you provide us with an SBOM for the PowerBuilder 2017 R3 and 2019 R3 in the CycloneDx format?  

If needed, we could accept the SBOM in the SPDX format as the CycloneDX product has a converter.    

 

Regards,

Ilamathi R

RTE control
Powerbuilder Perpetual license
Responses (5)
Ilamathi Ravindran
Ilamathi Ravindran Accepted Answer Pending Moderation
  1. Thursday, 18 April 2024 07:37 AM UTC
  2. PowerBuilder
  3. # 1

Hi Armeen,

Thank you for providing the list of third-party software used in PB 2019. We are looking for a tool that can generate a software bill of materials (SBOM) report to capture the data from this PDF in the CycloneDX format.

Regards,
Ilamathi

Comment
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Thursday, 18 April 2024 14:50 PM UTC
I'm not aware of what tool to recommend for this. If you don't get response from other people here, you might want to Google it.
  1. Helpful
There are no comments made yet.
Ilamathi Ravindran
Ilamathi Ravindran Accepted Answer Pending Moderation
  1. Thursday, 18 April 2024 07:36 AM UTC
  2. PowerBuilder
  3. # 2

Hi Chris,

We appreciate your suggestion to use the Visual-Expert tool to scan for vulnerabilities in the PowerBuilder IDE's library. However, our goal is not to list vulnerabilities in the SBOM report itself. The report should contain data about software components, including the component name, supplier name, version, and unique identifiers, as well as information about dependencies between components to allow accurate identification and tracking of all software components across the supply chain.

Therefore, we are currently looking into options to generate a SBOM specifically for the PowerBuilder library versions 2017 and 2019.

 

Regards,

Ilamathi

Comment
There are no comments made yet.
Chris Pollach @Appeon
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Wednesday, 17 April 2024 19:02 PM UTC
  2. PowerBuilder
  3. # 3

Hi Ilamathi ;

  Besides what you can generate (export) from the PB IDE's Library or Object Painters ... would a more comprehensive product like this be what you are looking for to check for vulnerabilities ... https://www.visual-expert.com

Regards .. Chris

Comment
There are no comments made yet.
Hans Groeneveld
Hans Groeneveld Accepted Answer Pending Moderation
  1. Wednesday, 17 April 2024 13:26 PM UTC
  2. PowerBuilder
  3. # 4

Hi

We do have the same problem.
We need to have a recent sBom.

powerbuilder should have a option to generate a sBom.

 

Kind Regards

Hans

Comment
There are no comments made yet.
Armeen Mazda @Appeon
Armeen Mazda @Appeon Accepted Answer Pending Moderation
  1. Tuesday, 9 April 2024 00:32 AM UTC
  2. PowerBuilder
  3. # 5

You would need to create the SBOM yourself in the format you want.  Here is the information about third-party libraries in PowerBuilder: https://docs.appeon.com/policies/Appeon_PowerBuilderRuntime_2019R3_FreeDownloadTerms.pdf

 

Comment
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.