SONATYPE SBOM Manager




SONATYPE SBOM Manager brings Sonatype’s best-in-class component scanning and vulnerability data together with market-leading SBOM management support to provide procurement, regulatory compliance, and security teams with the tools they need to manage SBOMs for their own software and the SBOMs they receive for third-party software.

Best Practices for DevSecOps:

  • Audit-ready Compliance - Import and retain every SBOM iteration for unparalleled insight and demonstrate meticulous record-keeping to readily address compliance inquiries at any time.
  • Sonatype Data right in your SBOMs - Bring Sonatype’s best-in-class component scanning and vulnerability data to bear on your ever-evolving SBOM management needs.
  • Peace of Mind - Control your entire software ecosystem with world-class SBOM management that pinpoints every component, vulnerability, and potential risk.

Best Practices for Developers:

  • Generate and Import - Generate SBOMs in both CycloneDX and SPDX formats, import them from third-party software, and analyze them to pinpoint components, vulnerabilities, and policy violations.
  • Store and Maintain - Store and tag all your SBOMs, including original and augmented SBOMs per application version, with a streamlined VEX-based SBOM management workflow that allows continuous monitoring, automated alerts, and actionable dashboards that share remediation guidance.
  • Search and Report - Quickly search based on applications or tags. Create customized reports and easily distribute them internally or externally.

For details, please contact us.