sbom

OpenSCA-cli is a supply-chain security tool for security researchers and developers.

Graphical user interface to scan and audit source code using SCANOSS API.

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

A polyglot tool and a library for generating various Bill of Materials in CycloneDX specification.

Trivy is a comprehensive and versatile security scanner.

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.