This lab demonstrates generating, testing, and enriching SBOM files using Snyk.
- Having a Snyk account, token, and CLI
- Having sample code to run SCA tests on, which will be used for the SBOM. In this lab the following repo is used for demo purposes
- Other third-party tools:
  - To view CLI results in a friendly HTML format, we'll use snyk-to-html
  - To test a Snyk-generated SBOM for vulnerabilities using the CLI, we'll use the Snyk provider for bomber
Make sure you have followed the steps in Getting Started before running the steps described below.
To start creating SBOM files, follow the steps described in SBOM Creation Options.
To start testing SBOM files, follow the steps described in SBOM Testing Options.
To start enriching SBOM files, follow the steps described in SBOM Enriching Options.