SCANOSS and Lyra Partner to Advance SBOM Compliance in India

New partnership strengthens automation and compliance support for India’s financial sector under SEBI’s new SBOM mandate.

Madrid, Spain – SCANOSS, the open source risk intelligence platform, today announced a strategic partnership with Lyra, a leading technology provider in India. Lyra will represent SCANOSS across the Indian market, helping organisations address new regulatory obligations and reduce supply chain risk with automated Software Bill of Materials (SBOM) management.

India has taken a decisive step towards software transparency. The Securities and Exchange Board of India (SEBI) recently introduced the Cybersecurity and Cyber Resilience Framework (CSCRF), mandating the use of SBOMs across all regulated financial institutions. This requirement covers both new and existing software and marks a turning point in how banks, insurers, and financial services providers must manage their digital infrastructure.

For the BFSI sector, the challenge is operationalising compliance at scale. More than 95% of software development is outsourced to major service providers such as Wipro, Infosys, and Cognizant. Meeting SEBI’s mandate means these institutions need a reliable way to track, maintain, and audit SBOMs across complex supply chains without slowing down development or procurement cycles.

The partnership between SCANOSS and Lyra directly addresses this challenge. SCANOSS brings global expertise in open source risk intelligence and SBOM automation, while Lyra contributes deep knowledge of the Indian market and its regulatory landscape. Together, they will enable financial institutions to generate and maintain SBOMs in real time, ensuring compliance while reducing manual overhead and audit risk.

This collaboration builds on SCANOSS’s ongoing work to highlight India’s role in the global SBOM movement. With SEBI’s framework, India joins the United States and the European Union in placing SBOMs at the centre of cybersecurity regulation.

About Lyra

Lyra Infosystems Pvt limited is a pioneer in enterprise open source solutions, helping organisations adopt, secure, and govern open source at scale. Its expertise spans security, licence compliance, intellectual property audits, and M&A due diligence, alongside custom development and automation services. Lyra enables enterprises to innovate with open source while managing risk and ensuring long-term resilience.

About SCANOSS

SCANOSS is the open source risk intelligence platform, providing real-time data and analysis to secure the software supply chain. By integrating into developer workflows and compliance processes, SCANOSS enables organisations to manage open source components, generate SBOMs, and meet global regulatory requirements.