Automate SBOM and vulnerability management via Helm API SDK
Overview
The Helm API allows users to efficiently manage SBOMs, assess vulnerabilities, and generate detailed reports. Currently available as a Python SDK (built on protobuf), the Helm API provides bindings and helper scripts to facilitate interactions with the API.
Key features
Upload single or multiple SBOMs.
Retrieve all vulnerabilities or filter to focus on CISA KEV vulnerabilities.
Generate FDA SBOM reports or CycloneDX VEX reports.
Identify unmatched SBOM components in your data.
Getting started
Request API access
Contact us to start using the Helm API. The Helm API is currently available as a Python SDK. The API itself is defined in protobuf; the API SDK provides Python bindings as well as helper bash scripts for calling the SDK. The current API SDK version is 2.87.0.
If you need our C# SDK, it is currently in alpha mode. Contact us if you would like access to this.
Download Helm API SDK
Once you have received an email granting you access to the Helm API, click the Developers item in the sidebar.
Download the file below.
Before using the file, check that its MD5 checksum is b2568125fa42008ed03844276d36fb7d. If you're not sure how to do this, this source can be helpful. Because our API documentation is hosted on Gitbook, you will see an interim page saying that Gitbook is verifying the safety of this file; this page unfortunately does not go away, but your file will finish downloading successfully.
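One way to perform the checksum check described above, as an added Python example that is not part of the Helm API SDK or its documentation; the expected digest is the one quoted on this page, while the archive filename is an assumption:

```python
import hashlib
import hmac
import re
from pathlib import Path

# MD5 checksum documented for the Helm API SDK download (value quoted on this page).
DOCUMENTED_SDK_MD5 = "b2568125fa42008ed03844276d36fb7d"

_HEX_MD5 = re.compile(r"^[0-9a-f]{32}$")


def md5_of_file(path, chunk_size=1 << 20):
    """Hash a file in fixed-size chunks so a large archive never has to fit in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, expected_md5=DOCUMENTED_SDK_MD5):
    """Return True only if the file's MD5 matches the expected value.

    The expected value is normalised (case, whitespace) and validated first, so a
    truncated or mistyped checksum fails loudly instead of silently never matching.
    """
    expected = expected_md5.strip().lower()
    if not _HEX_MD5.match(expected):
        raise ValueError(f"expected checksum is not a 32-hex-character MD5: {expected_md5!r}")
    actual = md5_of_file(path)
    # compare_digest avoids short-circuit string comparison; a cheap habit for any digest check.
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    # Assumed download location; adjust to wherever the SDK archive was saved.
    sdk_archive = Path("helm-api-sdk.zip")
    if verify_download(sdk_archive):
        print(f"{sdk_archive}: checksum matches the documented value, safe to unpack")
    else:
        print(f"{sdk_archive}: checksum MISMATCH, do not use this file")
```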
Authentication and setup
Once you have been granted access to the Helm API, you'll need to download our API SDK, then generate your API key to make calls to the API.
Run scripts to automate SBOM and vulnerability management
API methods
The Helm API provides the following methods:
listorganizations: Retrieves the organizations that the user has access to.
listorganizationproducts: Retrieves the products a given organization has.
listorganizationproductversions: Retrieves the product versions of a particular product for that organization.
createorganizationproduct: Creates a new product under that organization with the provided product name. The user will have access to this product.
createorganizationproductversions: Creates a new product version under a selected product with the provided version name.
submitsbom: Uploads the SBOM(s) provided in the --sbom_files parameter. Allows the user to upload an SBOM under an existing product and product version, or to create a new product and product version and upload an SBOM under that new version.
listunmatchedsbomentries: This lists all of your unmatched SBOM entries for a given SBOM product and version.
listvulnerabilities: This lists all vulnerabilities for a given SBOM product and version. You can also filter this down via --exploit_source to CISA KEV vulnerabilities only, as detailed below.
requestreport: This issues a request to generate a product version report. The report generation process is asynchronous, so this may take a moment.
getreportrequeststate: This checks on the status of a requested report.
getreportfile: Once a report request is completed (report_request_state=4), the report file will be available for download.