SOOS

Modern AppSec

SOOS SBOM Manager

Generate, Ingest, Manage & Monitor Complex SBOMs


Assembling a comprehensive SBOM from third party software or open source components is easy with SOOS SBOM Manager. Ingest, manage, and continually monitor third party SBOMs. Add SBOMs generated by your in house software developers using SOOS SCA. Use our API to access any of our 82M+ open source SBOMs.

SOOS makes it easy to comply with government SBOM regulations and mandates.


Talk with an expert

Award winning fast, accurate, and scalable application security tools.

Generate, Consolidate and Monitor complex SBOMs

The SOOS SCA and SBOM products allow you to generate a Software Bill of Materials at any point during the software development lifecycle. SOOS SBOM Manager takes that functionality a step further allowing the assembly and management of complex SBOMs from third party suppliers, and open source packages. SOOS continually monitors your SBOMs for new and updated vulnerabilities, licenses, and dependencies – automatically notifying you when new issues are found. SOOS supports CycloneDX, SPDX and VEX SBOM formats.

Talk with an expert

Unmatched Dependency Tree Intelligence

SOOS deep-tree vulnerability scanning capability is unique and ensures that vulnerabilities, even those buried deep in dependent software, are identified. SOOS updates third party SBOMs by continually scanning for newly discovered vulnerabilities and license changes.

SCA and DAST CI/CD Integration and Issue Management Integration
Unified Software Security Dashboard

SOOS SBOM API

Get access to SOOS’s 82M+ generated SBOMs for open source packages.

SOOS generates and maintains over 82M+ SBOMs for open source packages covering 11 unique package managers. API results include SOOS’s unique deep-tree dependency scan for packages, licenses, and vulnerabilities buried deep in the dependency tree.

Talk with an expert

A rich feature set for our SBOM Manager

SBOM Ingests 3rd party SBOMs

Ingests 3rd party SBOMs

Easily ingest and assemble component or application SBOMs from third parties.

SBOM Integrates with SOOS SCA

Integrates with SOOS SCA

SOOS SCA is built for software engineering teams to scan open source packages and generate SBOMs.

Includes 61M+ Open Source SBOMs

Includes 82M+ Open Source SBOMs

SOOS has generated over 82M+ SBOMs, across all 11 languages we support.

SBOM JSON Rest Based APIs

RESTful JSON APIs

Easily integrate the SOOS RESTful APIs into your CI/CD pipeline or platform.

SOOS SBOM Vulnerability Scan

Consolidation & Attestation

Consolidate multiple SBOMs, and provide attestation for detected vulnerabilities.

SBOM Vuln Scanning

SBOM Vulnerability Scanning

Keep your SPDX or CycloneDX SBOMs up to date with continuous deep-tree scans for new vulnerabilities.

SBOM Issue Management

Unified Dashboard

Explore and manage issues via a unified web dashboard shared with SOOS SCA and SOOS DAST.

SBOM License Management

License Management

Identify and Govern comprehensive SBOM licenses with up to date information from the SOOS research database.

SBOM Issue Management

Issue Management

Push issues to GitHub’s Security Panel (GitHub Issues) or Jira.

We support major programming languages

Java LogoJava
Python LogoPython
Ruby LogoRuby
.NET Logo.NET
JavaScript LogoJavaScript
PHP LogoPHP
Gradle LogoGradle
Rust LogoRust
Dart LogoDart
Homebrew LogoHomebrew
Elixir LogoElixir
Erlang LogoErlang
Golang LogoGolang
C++ LogoC++
Sooster

Take control of your security
and be ready for government mandates.

Talk with an expert