Getting Started with SOOS SBOM Manager

SBOM scanning helps ensure that software contained in first or third party SBOMs meet basic security standards and do not introduce risk to the organization. SOOS SBOM scanning runs a proprietary, patented analysis engine which runs deep dependency analysis, license analysis, and vulnerability detection using our database of 84+ million packages. SOOS SBOM will continually monitor your SBOMs for new threats, and will automatically link together dependent SBOMs.

Running a SBOM scan is quick and easy, once you have an account there are a number of ways to run your first scan, from there you can add additional configurations and integrations.

Use the File QuickScan option to upload a single SBOM document through the SOOS app.

Use the SBOM tab of the Integrations page to configure and run an SBOM scan using a script or CI/CD system.

SBOM scans will appear on your Developer Dashboad as projects. Project names can be specified using the Script or CI/CD integration or may be taken from the component name field if available. If the project name corresponds to an existing project, the scan indicator will be used to show all scan types for the project. See Projects for more details on determining and switching scan types for a project.

Want the technical details? Check out or GitHub Readme it has all the details you'll need. You can also browse the full source of our SBOM integration script under this same GitHub repo, if you're curious!

The SOOS Configuration System provides a highly flexible and overridable configuration system.

SOOS supports numerous Integrations, including Issue Management Integrations.