Manual Creation of SBOM Parts

In addition to support for importing SBOM parts, SBOM Insights lets you refine an SBOM by manually creating missing SBOM parts. You can create an SBOM part in two ways—through a Component Lookup and by using freeform input.

Component Lookup

Many of your SBOM parts will represent monolithic components including top-level items, direct and transitive dependencies, and containers. Using a component lookup allows the SBOM Part to be associated with a component version for accurate licensing and security vulnerability data reporting.

Freeform Input

Cases arise when you want to add SBOM parts to your SBOM that do not represent monolithic components, but instead cover individual source or binary files, code fragments, images and icons, or documentation files. In such cases, a component often does not exist for selection. The ability to provide freeform input thereby allows the flexibility to define the SBOM part in any way you would like.