SBOM Manager

sbom (software bill of material) scanning involves analyzing the components and dependencies of a software application to identify potential security vulnerabilities, license, and compliance issues sboms are typically provided by third parties as a way to identify what components their software relies on soos has been stress tested to manage tens of thousands of sboms, and automatically links complex external sbom references (dependencies between sbom documents) for a unified view of your sbom inventory sbom document analysis soos inspects cyclonedx or spdx sboms to identify the software and packages contained within the document auto dependent sbom mapping soos will automatically link dependent sboms as they are ingested and scanned dependency tree creation after identifying directly referenced software and packages, soos’s patented dependency resolution builds the full dependency tree and catalogs introduction paths vulnerability matching using the full set of packages and dependencies, soos matches packages to vulnerabilities soos will call out if the vulnerabilities are in the sbom and found by soos, in the sbom and not found by soos, or not in the sbom but found by soos license matching using the full set of packages and dependencies, soos matches packages to licenses governance policies soos’s suite of governance policies may be run against the packages and licenses which were identified issue creation issues are created for any vulnerabilities, governance policies, unknown packages, and more report generation reports for each sbom are created and accessible via the soos developer, legal, security, and compliance dashboards requires the sbom manager add on see subscribing to soos products docid\ j40dn4nwvdyy7vurceq4s to make changes to your plan