SBOM Scanner
Introduction
SBOM Scanner is a powerful tool designed to help organizations manage the security of their software supply chain by scanning Software Bill of Materials (SBOMs) for open-source vulnerabilities. It leverages the world's largest vulnerability database to provide accurate and up-to-date information on potential security issues, along with recommended fixes.
Key Features
SBOM Vulnerability Scanning: SBOM Scanner scans SBOMs to identify open-source vulnerabilities.
Largest Vulnerability Database: Utilizes the world's largest vulnerability database for comprehensive coverage.
Detailed Reports: Provides detailed reports on identified vulnerabilities, including severity levels and recommended fixes.
Customizable Scans: Allows users to customize scans based on their specific requirements.
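To make the scanning and reporting features concrete, here is an added illustration of the core matching step an SBOM scanner performs. It is example code written for this page, not Sec1's implementation: it reads a constructed CycloneDX-style SBOM, parses each component's package URL, checks the component version against a constructed vulnerability record's affected range, and emits findings with a severity and the fixed version to upgrade to. The SBOM contents, the VULN-EXAMPLE identifiers, the severity scale and the half-open range format are all constructed for the example.

```python
"""Illustrative SBOM-to-vulnerability matching (added example, not Sec1's code)."""
import json

# Constructed CycloneDX-style SBOM fragment (not a real project's SBOM).
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "example-http", "version": "2.3.1",
     "purl": "pkg:pypi/example-http@2.3.1"},
    {"type": "library", "name": "example-yaml", "version": "5.4.0",
     "purl": "pkg:pypi/example-yaml@5.4.0"},
    {"type": "library", "name": "example-json", "version": "1.0.0",
     "purl": "pkg:npm/example-json@1.0.0"}
  ]
}
"""

# Constructed vulnerability records with placeholder ids (not real advisories).
# Each record covers the half-open version range [introduced, fixed).
VULN_DB = [
    {"id": "VULN-EXAMPLE-0001", "ecosystem": "pypi", "name": "example-http",
     "introduced": "2.0.0", "fixed": "2.3.2", "severity": "HIGH"},
    {"id": "VULN-EXAMPLE-0002", "ecosystem": "pypi", "name": "example-yaml",
     "introduced": "0", "fixed": "5.4.0", "severity": "CRITICAL"},  # fixed in 5.4.0
    {"id": "VULN-EXAMPLE-0003", "ecosystem": "npm", "name": "example-json",
     "introduced": "1.0.0", "fixed": None, "severity": "MEDIUM"},  # no fix yet
]


def parse_version(v):
    """Turn '2.3.1' into (2, 3, 1) for ordering; non-numeric parts count as 0."""
    parts = []
    for p in v.split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def parse_purl(purl):
    """Extract (ecosystem, name, version) from a package URL like pkg:pypi/name@1.2.3."""
    body = purl[len("pkg:"):]
    ecosystem, rest = body.split("/", 1)
    name, version = rest.rsplit("@", 1)
    return ecosystem, name, version


def is_affected(version, introduced, fixed):
    """Range check: introduced <= version < fixed; fixed=None means no fix exists yet."""
    v = parse_version(version)
    if v < parse_version(introduced):
        return False
    return fixed is None or v < parse_version(fixed)


def scan_sbom(sbom_json, vuln_db):
    """Match every SBOM component against the vulnerability records; return findings."""
    sbom = json.loads(sbom_json)
    findings = []
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:  # without coordinates the component cannot be matched reliably
            continue
        ecosystem, name, version = parse_purl(purl)
        for rec in vuln_db:
            if (rec["ecosystem"] == ecosystem and rec["name"] == name
                    and is_affected(version, rec["introduced"], rec["fixed"])):
                findings.append({
                    "component": f"{name}@{version}",
                    "id": rec["id"],
                    "severity": rec["severity"],
                    "fix": rec["fixed"] or "no fixed version published",
                })
    return findings


def worst_severity(findings, order=("LOW", "MEDIUM", "HIGH", "CRITICAL")):
    """Highest severity among the findings, usable as a CI gate; None if clean."""
    if not findings:
        return None
    return max((f["severity"] for f in findings), key=order.index)


if __name__ == "__main__":
    for f in scan_sbom(SBOM_JSON, VULN_DB):
        print(f"{f['severity']:8} {f['component']:22} {f['id']}  fix: {f['fix']}")
```

Two details carry most of the correctness: the fixed version is excluded from the affected range, so a component already at the fixed version (example-yaml 5.4.0) produces no finding, and a record with no fixed version still matches so that an unfixable issue is reported rather than silently dropped. A real scanner also has to handle ecosystem-specific version schemes; the simple numeric tuple used here is only adequate for plain dotted versions.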
Getting Started
To start using SBOM Scanner, follow these simple steps:
Installation: Install SBOM Scanner on your system or integrate it into your CI/CD pipeline.
Configuration: Configure SBOM Scanner to scan your SBOMs and connect to the vulnerability database (see sec1-sbom-scanner config --help for the available options).
Scanning: Initiate scans of your SBOMs to identify vulnerabilities (run the scan command with --help for the available options).
Review Reports: Review the generated reports to understand the identified vulnerabilities and their recommended fixes.
Remediation: Take necessary actions to address the identified vulnerabilities based on the provided recommendations.
Detailed Command Information
For more detailed information about any command, append --help (e.g. sec1-sbom-scanner config --help). This provides in-depth guidance on each command's usage and options.
Note: The help on the docs site is the same as the --help output in the CLI.
config: Manages the configuration of the Sec1 CLI. This command is the starting point for customizing the tool for your specific project requirements.
scan: Conducts a comprehensive scan of the SBOM.