SBOM
A Software Bill of Materials (SBOM) is a comprehensive inventory of all software components, dependencies, libraries, modules, and other related artifacts used in building a software application.
An SBOM is essential for various reasons, including:
- Security: Identifying vulnerable components and understanding the potential impact on the software.
- Compliance: Ensuring all components comply with licensing and regulatory requirements.
- Transparency: Providing a clear view of the software supply chain for stakeholders.
- Maintenance: Simplifying updates and maintenance by knowing exactly which components are used.
Our SBOM tab displays the SBOM (Software Bill of Materials) of the app. There you will find the following information:
- Name: The name of the package.
- Version: The version of the package.
- Risk: The level of risk associated with using this package.
- License: The license under which the package is distributed.
- Author: The author of the package.
- Number of CVEs / CWEs: The number of known Common Vulnerabilities and Exposures (CVEs) or Common Weakness Enumerations (CWEs) associated with the package.
- Path: The path to the package within the application.
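As an added example, not part of this product's own tooling, the following Python script triages a downloaded JSON SBOM using the columns listed above, flagging packages with known CVEs/CWEs, a risk level at or above a threshold, or a license outside an allow-list. The JSON key names, the risk level values and the sample packages are assumptions, since the export schema is not documented here.

```python
import json

# Constructed sample in the shape of the SBOM tab's columns. The real JSON
# schema of the downloaded file is an assumption; adjust the keys to match it.
SAMPLE_SBOM_JSON = """{
  "app": "example-app",
  "packages": [
    {"name": "libfoo", "version": "1.2.3", "risk": "high", "license": "MIT",
     "author": "foo-team", "cves": 3, "cwes": 1, "path": "lib/libfoo.so"},
    {"name": "libbar", "version": "0.9.0", "risk": "low", "license": "Apache-2.0",
     "author": "bar-dev", "cves": 0, "cwes": 0, "path": "lib/libbar.so"},
    {"name": "libbaz", "version": "2.0.1", "risk": "medium", "license": "GPL-3.0",
     "author": "baz-org", "cves": 0, "cwes": 2, "path": "lib/libbaz.so"},
    {"name": "libqux", "version": "4.4.0", "risk": "critical", "license": "BSD-3-Clause",
     "author": "qux-team", "cves": 5, "cwes": 0, "path": "lib/libqux.so"}
  ]
}"""

# Assumed ordering of the Risk column values, lowest to highest.
RISK_RANK = {"none": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

def load_packages(sbom_text):
    """Parse the downloaded JSON SBOM and return its package entries."""
    return json.loads(sbom_text)["packages"]

def review_reasons(pkg, min_risk="high", allowed_licenses=frozenset()):
    """Return the reasons a package needs a closer look (empty list if none)."""
    reasons = []
    cves, cwes = pkg.get("cves", 0), pkg.get("cwes", 0)
    if cves or cwes:
        reasons.append(f"{cves} CVE(s), {cwes} CWE(s)")
    if RISK_RANK.get(pkg.get("risk", "none"), 0) >= RISK_RANK[min_risk]:
        reasons.append(f"risk level {pkg['risk']}")
    if allowed_licenses and pkg.get("license") not in allowed_licenses:
        reasons.append(f"license {pkg.get('license')} not on allow-list")
    return reasons

def triage(packages, min_risk="high", allowed_licenses=frozenset()):
    """Flagged packages, most CVEs first, then highest risk, with reasons and path."""
    flagged = []
    for pkg in packages:
        reasons = review_reasons(pkg, min_risk, allowed_licenses)
        if reasons:
            flagged.append({"name": pkg["name"], "version": pkg["version"],
                            "cves": pkg.get("cves", 0), "risk": pkg.get("risk", "none"),
                            "path": pkg["path"], "reasons": reasons})
    flagged.sort(key=lambda f: (-f["cves"], -RISK_RANK.get(f["risk"], 0), f["name"]))
    return flagged

if __name__ == "__main__":
    for entry in triage(load_packages(SAMPLE_SBOM_JSON),
                        allowed_licenses={"MIT", "Apache-2.0", "BSD-3-Clause"}):
        print(f"{entry['name']}@{entry['version']} ({entry['path']}): " + "; ".join(entry["reasons"]))
```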
Generating SBOM
- In the Applications grouping you can find the SBOM button.
- Click on it to see the SBOM output options of the app (JSON or PDF).
- Click on the desired output format to download the SBOM.
PDF example output: