Get FDA readyServicesGuardian helpGet a demo

Convert your SBOM from CSV to CycloneDX

Skip the conversion tools and scripts! You can now import CSV and Excel SBOMs directly to Helm.

Upload a CSV or Excel SBOM

This feature is in beta. Let us know your feedback and what we can do to enhance this experience!

You can upload CSV and Excel files directly to Helm and have them automatically converted to a CycloneDX SBOM. This eliminates the need for manual conversion tools or scripts.

  1. Click the Upload SBOM button.

  2. In the modal that displays, specify a product name and version.

  3. In the SBOM type drop-down, select Document.

  4. Select or drag and drop a file in the SBOM file field.

  5. Click Generate CycloneDX SBOM.

  6. Preview your data before uploading. Review the component information to ensure everything looks correct and catch any formatting issues.

  7. Click Upload to convert and import your SBOM.

  8. Once imported, your SBOM will be ready for vulnerability analysis and remediation, and can be exported in CycloneDX, SPDX, or CSV format, plus our expert-crafted FDA SBOM. You can also export VEX and VDR reports.

Use an open-source tool

The one that we’ve used is CycloneDX-CLI. You will have to install and run this locally, so if this is outside your realm of expertise, contact us so we can get your SBOM converted.

  1. Install CycloneDX-CLI.

  2. Add these metadata columns shown in this example file into your CSV file: Supplier, Type, Name, Version. You may already have these columns. They are required in order for Helm to be able to successfully identify matches for your components.

  3. Add the metadata field to your CSV file. See the CycloneDX dependency graph use case for more information.

  4. Run the tool, using the “--output-format json” option. This will output the file as a JSON file format. For example, from your directory (ours is ./bin/linux-x64/cyclonedx), you would enter the following in the command line (in our example, we used source_sbom_cyclonedx.csv as our source CSV file, then destination_sbom_cyclonedx.json as the output JSON file that we were creating from the CSV file): convert --input-file source_sbom_cyclonedx.csv -–output-format json > destination_sbom_cyclonedx.json

Write a custom script

You can write a custom script in Python or your favorite language to convert the file from CSV to CycloneDX JSON.

PreviousGenerate SBOM with Yocto on LinuxNextGet expert Services help

Last updated

Was this helpful?