A Software Bill of Material (SBOM) is a statement of all software information that is utilized by a developer to build a software or service.
As the use of open source has expanded, the problem of security vulnerabilities has grown. In fact, a security vulnerability scan of 2,700 of software found security vulnerabilities in more than 95% of applications.
Source: BLACKDUCK's AppSec Decoded: Takeaways from the 2022 “Software Vulnerability Snapshot” report
In response to this, Arkain provides tools to generate and manage SBOM information for safer software development.
Quickly track and respond to known and new vulnerabilities.
Check the latest component status.
Check license compliance.
Get visibility into your software.
Click the [Generate SBOM] button.
Set the SBOM report format. You can choose between SPDX and CycloneDX.
Personalize your document by entering a Name for easy identification.
The SBOM report can be uploaded to an external SBOM analysis platform for more detailed analysis.
When you enable automatic report generation during Git push, SBOM reports will be created automatically each time you push changes to your repository. This ensures your SBOM stays up-to-date with your latest code changes.
SPDX (Software Package Data Exchange): An open standard for communicating software bill of materials information, including components, licenses, copyrights, and security references.
CycloneDX: A lightweight software bill of materials standard designed for use in application security contexts and supply chain component analysis.
Last updated
