SOOS SBOM Manager

SOOS SBOM Manager is a software bill of materials (SBOM) creation, management, and analysis platform. It enables organizations to generate and maintain SBOMs for their first- and third-party software, providing visibility into software components, dependencies, vulnerabilities, and license risks. Key capabilities include automated SBOM creation in industry-standard formats (CycloneDX and SPDX), continuous deep-tree dependency scanning that traverses the full dependency chain to surface hidden vulnerabilities, and the ability to ingest third-party SBOMs. The platform maintains a database of over 113 million SBOMs for open-source packages across 18 package managers and programming languages. SOOS SBOM Manager supports consolidation of multiple SBOMs, attestation via CDXA or standalone CSAF VEX documents, and provides full scan history for point-in-time compliance documentation. Its patented Software Composition Analysis (SCA) identifies vulnerabilities and license issues buried deep in the dependency tree and recommends fixes. A RESTful JSON API allows integration into CI/CD pipelines. License analysis capabilities scan SBOMs against an open-source license database and flag compliance issues. A unified ASPM dashboard provides a centralized view of software risk across tools. Issue management is supported through automatic ticket creation in third-party systems. Supported languages include Java, Python, Ruby, .NET, JavaScript, PHP, Gradle, Rust, Dart, Homebrew, Elixir, Erlang, Golang, and C++. SBOM exports are available in CycloneDX, SPDX, and SARIF formats.