Software Bill of Materials

sbom

The Software Bill of Materials object describes characteristics of a generated SBOM.

Attributes

CaptionNameTypeDescription
Created Time created_time Timestamp The time when the SBOM was created.
Software Package package Software Package[] The device software that is being discovered by an inventory process.
Product product Product[] The product that generated the SBOM e.g. cdxgen or Syft.
Raw Data raw_data JSON Group:context
The event data as received from the event source.
Record ID record_id String Group:primary
Unique identifier for the object
Software Components software_components Software Component[] The list of software components used in the software package.
Unmapped unmapped Unmapped[] Data from the source that was not mapped into the schema.

Relationships

Software Bill of Materials shown in context

Inbound Relationships

These objects and events reference Software Bill of Materials in their attributes:

Outbound Relationships

Software Bill of Materials references the following objects and events in its attributes:

This page describes ocsf-1.4.0