The latest version of AdaCore’s signature GNAT Pro Assurance product introduces a service that helps customers with their vulnerability mitigation strategy for third-party tools. With GNAT Pro Assurance 22, customers can request a detailed list of known problems, each keyed to The MITRE Corporation’s Common Vulnerability Enumeration (CVE) database. Vulnerability reports are provided in machine-readable CVE JSON format as well as human-readable PDF reports. In addition to this information, AdaCore now produces Software Bills of Materials (SBOM). SBOMs are supplied in the industry-standard Software Package Data Exchange (SPDX) format, allowing automated incorporation into customers’ vulnerability management and reporting systems.