Software bill of materials (SBOM)

A Software Bill of Materials (SBOM) might be required for compliance with government security regulations.

You can generate an SBOM in Contrast that meets the specifications of the OWASP's CycloneDX SBOM standard. The capability is available through a simple API or a command through the Contrast command line interface (CLI).

The Contrast SBOM contains information about the software that your application uses including:

  • Libraries - Open source and third-party components present in a code base

  • Licenses that govern the software components

  • Versions of software components used in the code base

Before you begin
  • A Contrast OSS license is required

  • Supported language: JAVA

Steps
  1. Select Applications in the header.

  2. Select the Reports icon (ReportsIcon.png ) located at the top of the application's list.

  3. In the dropdown, select Generate Software Bill Of Materials (SBOM) to generate and download a copy of the SBOM.