Subscription Service Available for Sending Email Notifications of New Vulnerability Alerts

SBOM Insights now provides a subscription service that automatically sends daily emails to users alerting them of new security vulnerabilities associated SBOM parts in their Organization.

To provide this service, SBOM Insights performs a daily check of new security vulnerabilities associated with SBOM parts across Organizations. If new vulnerabilities for SBOM parts are discovered, alerts for the vulnerabilities are generated. After each daily check, a compilation of the alerts per Organization is sent in an email to each SBOM Insights user who has subscribed to receive alert notifications pertaining to their Organization.

Notifications are emailed after the daily vulnerability check only if new vulnerabilities for parts in a given Organization have been reported since the previous check. When notifications are emailed, the email contains alerts for only those new vulnerabilities affecting the Organization since the last check.

If a user belongs to multiple Organizations, a separate email is sent for each Organization in which the user has subscribed to receive notifications.

Subscription Request

Users can subscribe to the daily alert notifications in their Organization through the new Preferences page accessed from the left navigation panel in the SBOM Insights user interface.

Example Email Contents

The following shows the content of an example email notifying a user of the new vulnerability alerts associated with SBOM parts in the user’s Organization. The alerts are grouped by bucket, each bucket having its own grid that lists the alerts associated with SBOM parts in that bucket. The alerts in each bucket grid are sorted in descending order by the Score column, which lists the CVSS v3.x score for the vulnerability associated with a given alert.