SBOM Scanner

Introduction

SBOM Scanner is a powerful tool designed to help organizations manage the security of their software supply chain by scanning Software Bill of Materials (SBOMs) for open-source vulnerabilities. It leverages the world's largest vulnerability database to provide accurate and up-to-date information on potential security issues, along with recommended fixes.

Key Features

  • SBOM Vulnerability Scanning: SBOM Scanner scans SBOMs to identify open-source vulnerabilities.

  • Largest Vulnerability Database: Utilizes the world's largest vulnerability database for comprehensive coverage.

  • Detailed Reports: Provides detailed reports on identified vulnerabilities, including severity levels and recommended fixes.

  • Customizable Scans: Allows users to customize scans based on their specific requirements.
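To make the scanning and reporting features above concrete, here is a small, added illustration of what an SBOM vulnerability scan does: parse the components of a CycloneDX-style JSON SBOM, match each one by package URL and version against a vulnerability table, and emit findings with a severity and a recommended fix. This is example code written for this page, not Sec1's implementation or its database format; the SBOM, the `EXAMPLE-VULN-*` identifiers, the affected ranges and the "introduced/fixed" record layout are all constructed for the example.

```python
"""Toy SBOM vulnerability matcher (illustrative, not Sec1's implementation).

Reads a CycloneDX-style JSON SBOM, matches each component against a small
vulnerability table by package name and version, and produces a report with
severity and the recommended fixed version. The SBOM, the vulnerability
records and their identifiers are all constructed for this example.
"""
import json

# Constructed sample SBOM in CycloneDX JSON layout (not a real project).
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "examplelib", "version": "1.2.0",
         "purl": "pkg:pypi/examplelib@1.2.0"},
        {"type": "library", "name": "otherlib", "version": "3.0.1",
         "purl": "pkg:pypi/otherlib@3.0.1"},
        {"type": "library", "name": "safelib", "version": "0.9.0",
         "purl": "pkg:pypi/safelib@0.9.0"},
    ],
})

# Constructed vulnerability records with placeholder IDs. A real scanner pulls
# these from a vulnerability database; a record means "affected if
# introduced <= version < fixed".
VULN_DB = [
    {"id": "EXAMPLE-VULN-0001", "package": "pkg:pypi/examplelib",
     "introduced": "1.0.0", "fixed": "1.2.5", "severity": "HIGH"},
    {"id": "EXAMPLE-VULN-0002", "package": "pkg:pypi/otherlib",
     "introduced": "2.0.0", "fixed": "3.0.0", "severity": "CRITICAL"},
    {"id": "EXAMPLE-VULN-0003", "package": "pkg:pypi/otherlib",
     "introduced": "3.0.0", "fixed": "3.0.2", "severity": "MEDIUM"},
]

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1}


def parse_version(text):
    """Split a dotted numeric version into a tuple so versions compare
    numerically ("1.10.0" > "1.9.0"); a non-numeric part ends the tuple."""
    parts = []
    for piece in text.split("."):
        if piece.isdigit():
            parts.append(int(piece))
        else:
            break
    return tuple(parts)


def split_purl(purl):
    """Return (package-without-version, version) from a purl such as
    pkg:pypi/examplelib@1.2.0. Qualifiers and subpaths are not handled."""
    name, _, version = purl.partition("@")
    return name, version


def is_affected(version, introduced, fixed):
    """True when introduced <= version < fixed (the fixed version is safe)."""
    v = parse_version(version)
    return parse_version(introduced) <= v < parse_version(fixed)


def scan_sbom(sbom_json, vuln_db=VULN_DB):
    """Return one finding per (component, vulnerability) match, highest
    severity first, each carrying the recommended fix."""
    sbom = json.loads(sbom_json)
    findings = []
    for component in sbom.get("components", []):
        purl = component.get("purl")
        if not purl:
            continue  # a component without a purl cannot be matched reliably
        package, version = split_purl(purl)
        for vuln in vuln_db:
            if vuln["package"] == package and is_affected(
                    version, vuln["introduced"], vuln["fixed"]):
                findings.append({
                    "component": purl,
                    "vulnerability": vuln["id"],
                    "severity": vuln["severity"],
                    "recommended_fix": f"upgrade to >= {vuln['fixed']}",
                })
    findings.sort(key=lambda f: SEVERITY_RANK[f["severity"]], reverse=True)
    return findings


def summarize(findings):
    """Count findings per severity, as a report header would show them."""
    counts = {}
    for f in findings:
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
    return counts


if __name__ == "__main__":
    results = scan_sbom(SAMPLE_SBOM)
    for f in results:
        print(f"{f['severity']:8} {f['component']:30} "
              f"{f['vulnerability']}: {f['recommended_fix']}")
    print(summarize(results))
```

Two details matter in practice and are handled here: versions are compared numerically rather than as strings, and a component whose version equals the fixed version is not flagged. Components that lack a purl are skipped, which is exactly the kind of gap a report should call out, since an unmatched component is not the same as a clean one.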

Getting Started

To start using SBOM Scanner, follow these simple steps:

  1. Installation: Install SBOM Scanner on your system or integrate it into your CI/CD pipeline. The commands below fetch the macOS binary and place it on your PATH:

       curl --compressed https://digitalassets.sec1.io/sec1-sbom-scanner-macos -o sec1-sbom-scanner
       chmod +x ./sec1-sbom-scanner
       mv ./sec1-sbom-scanner /usr/local/bin/
  2. Configuration: Configure SBOM Scanner to scan your SBOMs and connect to the vulnerability database (see sec1-sbom-scanner config --help).

  3. Scanning: Initiate scans of your SBOMs to identify vulnerabilities (see sec1-sbom-scanner scan --help).

  4. Review Reports: Review the generated reports to understand the identified vulnerabilities and their recommended fixes.

  5. Remediation: Take necessary actions to address the identified vulnerabilities based on the provided recommendations.

Detailed Command Information

For more detailed information about any command, append --help (e.g. sec1-sbom-scanner config --help). This feature provides in-depth guidance on each command's usage and options.

Note: The help on the docs site is the same as the --help in the CLI.

config

Manages the configuration of the Sec1 CLI. This command is the starting point for customizing the tool for your specific project requirements.

scan

Conducts a comprehensive scan of the SBOM.