A SOOS SBOM Manager license gives you the ability to upload and scan an external SBOM file as a means of looking for vulnerabilities.  

This feature is not included in Standard or Community Edition licenses.  Please contact Support for information about adding this feature.

The following SBOM formats are accepted and must follow the sample naming conventions shown:

  • CycloneDX
    • Naming convention: *.cdx.json
  • SPDX 
    • Naming convention: *.spdx.json

SBOM scan data will appear on your main dashboard as it's own project. Project names in the UI will reflect the value contained in the name field of the SBOM file.