2-June-2022 DC CAW
CERT Sweat Equity
CERT provides SwiftBOM a tool for humans to create SBOM manually. It is a particularly useful tool for those learning about SBOM. An example SBOM is included. SwiftBOM currently generates SBOM in SPDX, CycloneDX and SWID formats. A tree graph is also generated by SwiftBOM that can be downloaded as a PNG file to quickly visualize relationships between components in an SBOM, including vulnerabilities highlighted in red.
The source code is open source at https://github.com/CERTCC/SBOM/tree/master/SwiftBOM .
See the SwiftBOM video playlist https://youtu.be/pmqGp8TWoF4 for more info.