
Solution enables comprehensive discovery of C/C++ libraries within products and automates SBOM generation and enrichment
WASHINGTON, March 12, 2026 /PRNewswire/ -- Manifest, the leading platform for software and AI supply chain security, today announced its new Software Bill of Materials (SBOM) generator for unmanaged C and C++ (C/C++) programming languages. This capability addresses long-standing blind spots in software supply chain security and enables teams writing in C/C++ to generate, inventory, and scan accurate SBOMs.
C/C++ underpins some of the world's most critical systems, from vehicles and medical devices to defense platforms and industrial equipment, yet these environments have historically lacked reliable visibility into the software they ship. Legacy toolchains and fragmented ecosystems have made it difficult for security and compliance teams to build a comprehensive, trustworthy inventory of components in devices.
Manifest addresses these challenges by enabling accurate C/C++ SBOM generation and enrichment for embedded and low-level software, giving organizations the transparency to identify exposure, prioritize remediation, and meet regulatory expectations across critical infrastructure.
With the Manifest C/C++ SBOM Generator, customers gain:
- Visibility for critical systems. Extend SBOM coverage into the low-level C/C++ and OS components embedded in devices and appliances, where visibility has traditionally been weakest.
- Faster risk response. Enriched SBOMs pinpoint whether and where affected components exist, cutting time-to-assess and time-to-remediate when vulnerabilities or business risks arise.
- Regulatory readiness. Produce more accurate, comprehensive SBOMs to meet stringent transparency and risk-management requirements in regulated environments (e.g., medical devices), including pre-market submissions demanding clear software supply chain documentation.
Building on this launch, Manifest is also rolling out a broader set of enhancements that help teams move from "what's in the software" to "what actually matters". These enhancements provide:
- Strengthened visibility beyond traditional SCA: Automated vulnerability mapping for Nix packages, end-of-life / level-of-service (EOL/EOS) coverage across devices, and vulnerability reachability to confirm whether affected components are actually accessible.
- Improved third-party risk mitigation: Binary analysis to give customers visibility when vendors refuse to provide SBOMs, plus actionable supplier risk analysis that prioritizes vendors based on measured risk.
- AI governance: Continuous AI model scanning with daily assessments of open-weight models from Hugging Face and custom models, giving customers an always-current view of model risk across the organization.
Daniel Bardenstein, CEO, Manifest, said: "Despite the push to use memory-safe languages, C/C++ still underpin critical infrastructure across our society. While organizations have been able to generate and consume SBOMs for other more modern languages, the gap for those developing in C/C++ has remained a critical blind spot for many critical software suppliers, particularly when facing compliance and regulation. Manifest can now safely and reliably close that gap, with the combination of our new C/C++ SBOM generator and binary analysis capabilities, and enhance security posture with our EOL/EOS enrichment for those projects."
In parallel, Manifest is expanding AI supply chain transparency, another example of the company's focus on solving hard technical challenges in critical environments. Since introducing Manifest AI Risk in August 2025, the product has helped teams continuously assess open-weight and custom models for vulnerabilities, provenance, software dependencies, and legal exposure, so organizations can govern AI adoption without slowing delivery.
About Manifest
Manifest is the leading platform securing the entire AI and software supply chain, from source code to models to third-party software. We empower product security and third-party risk teams to operate critical systems and applications with confidence by detecting and managing hidden software supply chain and AI risks at scale. The Manifest Platform provides end-to-end visibility and control across Product Security, AI Risk, and Supplier Risk, helping teams build secure, trusted software without losing velocity. Organizations across defense, healthcare, automotive, and other regulated industries trust us to strengthen product and AI security, reduce third-party risk, and support compliance. Learn more at www.manifestcyber.com
Media Contact
Shannon Van Every
Force4 Technology Communications
SOURCE Manifest