How would you manage Software Bill of Materials (SBOM) management, API security gateways, and zero-trust architecture at Moody's?