# SBOM Scanner

## Introduction

SBOM Scanner is a powerful tool designed to help organizations manage the security of their software supply chain by scanning Software Bills of Materials (SBOMs) for open-source vulnerabilities. It leverages the world's largest vulnerability database to provide accurate and up-to-date information on potential security issues, along with recommended fixes.

## Key Features

* **SBOM Vulnerability Scanning**: SBOM Scanner scans SBOMs to identify open-source vulnerabilities.
* **Largest Vulnerability Database**: Utilizes the world's largest vulnerability database for comprehensive coverage.
* **Detailed Reports**: Provides detailed reports on identified vulnerabilities, including severity levels and recommended fixes.
* **Customizable Scans**: Allows users to customize scans based on their specific requirements.

## Getting Started

To start using SBOM Scanner, follow these simple steps:

1. **Installation**: Install SBOM Scanner on your system or integrate it into your CI/CD pipeline.

   * [Download for macOS](https://digitalassets.sec1.io/sec1-sbom-scanner-macos)
   * [Download for Linux](https://digitalassets.sec1.io/sec1-sbom-scanner-linux)
   * [Download for Windows](https://digitalassets.sec1.io/sec1-sbom-scanner-win.exe)

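   ```bash
   # macOS build shown; --fail keeps curl from saving an HTTP error page as the binary
   curl --fail --location --compressed https://digitalassets.sec1.io/sec1-sbom-scanner-macos -o sec1-sbom-scanner
   chmod +x ./sec1-sbom-scanner
   # Writing to /usr/local/bin may require elevated privileges
   mv ./sec1-sbom-scanner /usr/local/bin/
   ```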
2. **Configuration**: Configure SBOM Scanner to scan your SBOMs and connect to the vulnerability database. [Config help](/user-docs/5-sbom-scanner/config.md)
3. **Scanning**: Initiate scans of your SBOMs to identify vulnerabilities. [Scan help](/user-docs/5-sbom-scanner/scan.md)
4. **Review Reports**: Review the generated reports to understand the identified vulnerabilities and their recommended fixes.
5. **Remediation**: Take necessary actions to address the identified vulnerabilities based on the provided recommendations.
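
For the installation step, especially in a CI/CD pipeline, the following added example (not part of the Sec1 documentation or tooling) installs the downloaded binary only when its SHA-256 matches a digest you pinned yourself after vetting a release. The function names and the `PINNED_SHA256` variable are hypothetical, and this page does not publish a checksum, so the pinned value is an assumption you must supply.

```bash
#!/usr/bin/env bash
# Added example: install a downloaded binary only if its SHA-256 matches a pinned digest.

# Print the lowercase SHA-256 hex digest of a file (Linux: sha256sum, macOS: shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_and_install FILE EXPECTED_SHA256 DEST_DIR
# Returns 0 and installs FILE into DEST_DIR on a match; returns 1 and installs nothing otherwise.
verify_and_install() {
  local file="$1" expected dest_dir="$3" actual
  expected="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
  # Reject a missing or malformed pin (e.g. an unset CI variable) instead of skipping the check.
  case "$expected" in
    *[!0-9a-f]*|"") echo "pinned digest is not valid hex" >&2; return 1 ;;
  esac
  [ "${#expected}" -eq 64 ] || { echo "pinned digest must be 64 hex chars" >&2; return 1; }
  [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }
  actual="$(sha256_of "$file")" || return 1
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch: got $actual" >&2
    return 1
  fi
  # install sets the mode and copies in one step, so no unverified file reaches DEST_DIR.
  install -m 0755 "$file" "$dest_dir/sec1-sbom-scanner"
}

# Typical use after the curl download (PINNED_SHA256 is a placeholder you set yourself):
#   verify_and_install ./sec1-sbom-scanner "$PINNED_SHA256" /usr/local/bin
```

A mismatch after a vendor update is expected; re-vet the new binary and update the pin rather than disabling the check.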

## Detailed Command Information

For more detailed information about any command, append `--help` (e.g. `sec1-sbom-scanner config --help`). This feature provides in-depth guidance on each command's usage and options.

**Note:** The help on the docs site is the same as the `--help` in the CLI.

### [`sec1-sbom-scanner config`](/user-docs/5-sbom-scanner/config.md)

Manages the configuration of the Sec1 CLI. This command is the starting point for customizing the tool for your specific project requirements.

### [`sec1-sbom-scanner scan`](/user-docs/5-sbom-scanner/scan.md)

Conducts a comprehensive scan of the SBOM.

