The Software Bill of Materials (or SBOM) is a list of components found in a piece of software. SOOS allows you to generate a Software Bill of Materials for any SCA project you are monitoring using the SOOS application.  

SBOMs can be generated for both current SCA scan data and historical SCA scan data.

To generate SBOM for current scan data:

  • From the SOOS dashboard, select the project for which you are interested in generating the Software Bill of Materials.
  • Once on the Project Details page, click the View Project Actions menu in the upper right corner, and select Export SCA SBOM.
  • In the Scan Export page, select the desired format to generate your SBOM.
    • SPDX or CycloneDX
      • Note: At this time only SPDX may be exported to RKVST.  Support for CycloneDX exports to RKVST are coming soon! 
  • Select the desired file type for your SBOM.
    • If exporting to RKVST, only Text and JSON options are available for SPDX.
      • HTML reports in SPDX format are for download only.
  • Select the following data to include in your report:
    • Package URLS 
    • License Text
    • License
    • Vulnerabilities
  • Use the Destination dropdown to choose to Download your SBOM or Export it to RKVST.
  • Select Export when all selections are complete.


To export historical scan data:

  • While viewing the Project Detail page, select the History tab.
  • Locate the date/time of the desired SCA scan and select the Export icon.  
  • On the Scan Export page, select the desired options, as outlined above, and click Export to download and save the file.
  • Repeat for all other historical scan data as desired.