Software Bill of Materials (SBOM)
A software bill of materials (SBOM) is a list of components in a piece of software. Software vendors often create products by assembling open-source and commercial software components. The SBOM describes the components in a product. It is analogous to a list of ingredients on food packaging: where you might consult a lable to avoid foods that may cause allergies, SBOMs can help organizations or persons avoid consumption of software that could harm them.
Provided in reports, dashboards, and can be integrated with other tools.
The output of the code quality analysis supports machine-readable formats specified by CISA's SBOM requirements.
A comprehensive SBOM is not possible without an SCA. The output of the SCA is one of the inputs in creation of an SBOM.