Export your SBOM
You can use this export function, or you can take advantage of our new, more enhanced SBOM and vulnerability reports, as well as the only FDA expert-crafted SBOM that ensures you meet FDA SBOM requirements!
There are two ways to export your SBOM:
Click the Reports item in the sidebar, then click the corresponding export button on the report card.
Click the Manage SBOM drop-down button, then click Export SBOM
When downloading (exporting) your SBOM to share with others or for auditing purposes, you can either export your original SBOM or your enhanced SBOM (with matches our system made automatically or that your team matched). You can also choose to include vulnerabilities and any associated CPE or PURL information in your export. SBOMs are currently exported in CycloneDX 1.4 format. If you are interested in exporting in another format, let us know.
Customize your SBOM export
Export as file name: This is the filename that will be generated with your exported data.
Export details: You can choose to export your original SBOM or your enriched SBOM. Your enriched SBOM can include vulnerabilities, enriched CPE and PURL information, and more.
Export as file type: For your original SBOM, you can export in CycloneDX JSON, SPDX JSON or XML, and CSV. For your enriched SBOM, you can export in CycloneDX or SPDX JSON.
Include vulnerabilities: Check this box to export all of the vulnerabilities associated with this SBOM. This will include the source name (currently always the NVD), a link to the vulnerability, both its v2 and v3 CVSS scores and vector strings, when the vulnerability was first detected, when it was updated, and more.
Include enriched CPEs and PURLs from matching: Your original SBOM export will include all CPE/PURL information, but you can check this box to export all enriched CPE/PURL data, including those identified by Helm or during the matching and analysis process or that you manually matched or added.
Last updated