SBOM Layout

SBOM (Software Bill of Materials) is an inventory of the open source dependencies (packages) your code uses. It has also become a common requirement in due diligence and compliance processes.

The SBOM enables rapid risk and event management, for example scoping which assets are affected as soon as a new vulnerability is published. The SBOM layout is built on the following asset hierarchy: Repo -> Code Projects -> Dependencies

Main use cases:

  • Break down a monorepo into its code projects

  • Tag code projects and repositories based on the dependencies (packages) they use

  • Identify all repos that use a given dependency. This is especially helpful for finding assets that use a vulnerable package version before the application security testing (AST) tools are updated to detect that vulnerability.

The SBOM can be exported to CSV by clicking on the export button.
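The "which repos use this vulnerable package" use case above can be scripted directly against a CSV export. The following is an added example, not the product's own code: it assumes an export with the columns repository, code_project, dependency and version (an assumption; check the real header row), rebuilds the Repo -> Code Projects -> Dependencies hierarchy, and lists every code project that uses a package below the version an advisory names as fixed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample standing in for a CSV export. The column names are an
# assumption for this example, not the product's documented export schema.
SAMPLE_SBOM_CSV = """repository,code_project,dependency,version
payments-monorepo,payments/api,lodash,4.17.20
payments-monorepo,payments/web,lodash,4.17.21
payments-monorepo,payments/worker,log4j-core,2.14.1
billing-service,billing,log4j-core,2.17.1
auth-service,auth,jsonwebtoken,8.5.1-beta
"""


def parse_version(version):
    """Turn '4.17.20' into (4, 17, 20) so versions compare numerically.

    Comparing the raw strings would rank '4.17.9' above '4.17.20'. Non-numeric
    suffixes such as '1-beta' are reduced to their leading digits.
    """
    parts = []
    for piece in version.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def load_sbom(csv_text):
    """Build {repo: {code_project: [(dependency, version), ...]}} from the export."""
    tree = defaultdict(lambda: defaultdict(list))
    for row in csv.DictReader(io.StringIO(csv_text)):
        tree[row["repository"]][row["code_project"]].append(
            (row["dependency"], row["version"])
        )
    return tree


def find_affected(tree, package, fixed_in):
    """Return {repo: [code_project, ...]} for projects using `package` below `fixed_in`.

    `fixed_in` is the first non-vulnerable version from the advisory; anything
    older is reported so the asset can be triaged before scanners catch up.
    """
    fixed = parse_version(fixed_in)
    hits = defaultdict(list)
    for repo, projects in tree.items():
        for project, deps in projects.items():
            for name, version in deps:
                if name == package and parse_version(version) < fixed:
                    hits[repo].append(project)
    return dict(hits)


if __name__ == "__main__":
    sbom = load_sbom(SAMPLE_SBOM_CSV)
    # Hypothetical advisory: log4j-core fixed in 2.17.1, so 2.14.1 is flagged.
    for repo, projects in find_affected(sbom, "log4j-core", "2.17.1").items():
        print(f"{repo}: {', '.join(projects)}")
```

Run it against a real export by replacing SAMPLE_SBOM_CSV with the file contents; the output is the list of repos and code projects to prioritise, independent of whether any scanner rule exists for the vulnerability yet.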
