How can SBOM in cyclonedx format be integrated?

Question

How can SBOM in cyclonedx format be integrated?

Closed this issue 5 months ago · 2 comments

We are using syft/gryft for sbom and vulnerability scanning, outputing in XML or JSON SBOM format. How can we integrate this with betterscan?

Answer 1 · 2023-01-15T08:47:55.000Z

@miraculixx Interesting.

Do you use it for Docker images or other things?

Betterscan has also OSV scanner integrated, which covers lockfiles (package managers) and SBOM. I think also Debian based docker images.

I might add Syft/Gryft (grype?) to PRO version, DM if you are interested. Feel free to also make PR to add (should not be hard), if you know Python, have programming skills.

Answer 2 · 2024-04-15T09:23:20.000Z

Closing due to inactivity