It would be a great accelerator for #sbom adoption if there were a way to leverage them to accelerate #NIAP / #FIPS / #FedRAMP.
If one were able to digitally attest to known approved versions of software libraries in their SBOM, you would think it could reduce their certification burden.
The current NIAP/CC/FedRAMP process is endlessly broken and this could be a great way to start to modernize it.