Upload Software Bill of Materials files manually

Xanadu Security Management

Release

xanadu

ft:locale

en-US

ft:publication_title

Xanadu Security Management

ft:clusterId

security

bundleId

security

workflow

Technology

Upload Software Bill of Materials files manually

Release version: Xanadu

Updated October 30, 2024

1 minute to read

Upload Software Bill of Materials (SBOM) files manually.

Starting with version 4.0, SBOM Core supports:

Role required: sn_sbom_core.sbom_ingest

Upload files manually.

The method you use to upload your files depends on whether you have the SBOM Core or SBOM Response applications installed.

Option	Description
If you have installed SBOM Core	Navigate to SBOM Core > BOM Ingestion Status. On the Bill of Materials list select New. Select the Click to add link. You can upload one SBOM file at a time. Select Choose file and locate the file you want. The file name is displayed on the Choose an attachment file page. Select OK.
If you have installed SBOM Response starting with v4.0	Navigate to All > Workspaces > SBOM Workspace > BOM Queue. Select Upload BOM. The Upload SBOM file modal is displayed. Select the Attach file link. Locate the file you want and select Open. After your file uploads, a link for the file is displayed along with three icons that provide you with the following options: Download the file. Edit the file name. Delete the file from the upload. Select Upload to continue. You can upload one SBOM file at a time. (Optional) Select a Business application and a Product model from the lists. These values help you associate this SBOM to a business application or product model in your organization. This information is displayed on the BOM entity record after upload. Select Upload. The BOM queue page is displayed and the file is listed on the SBOM ingestion section along with upload status other information about the file.

Option

Description

If you have installed SBOM Core

Navigate to SBOM Core > BOM Ingestion Status.
On the Bill of Materials list select New.
Select the Click to add link.
You can upload one SBOM file at a time.
Select Choose file and locate the file you want.
The file name is displayed on the Choose an attachment file page.
Select OK.

If you have installed SBOM Response starting with v4.0

Navigate to All > Workspaces > SBOM Workspace > BOM Queue.
Select Upload BOM.
The Upload SBOM file modal is displayed.
Select the Attach file link.
Locate the file you want and select Open.
After your file uploads, a link for the file is displayed along with three icons that provide you with the following options:
- Download the file.
- Edit the file name.
- Delete the file from the upload.
Select Upload to continue.
You can upload one SBOM file at a time.
(Optional) Select a Business application and a Product model from the lists.
These values help you associate this SBOM to a business application or product model in your organization. This information is displayed on the BOM entity record after upload.
Select Upload.
The BOM queue page is displayed and the file is listed on the SBOM ingestion section along with upload status other information about the file.

Optional: Upload SBOM files imported by the Veracode Vulnerability Integration.

Note:
You can upload Veracode files in CycloneDX (JSON and XML) and SPDX (XML) formats only if you have installed and activated the Veracode integration with Application Vulnerability Response. See the Veracode Vulnerability Integration for more information.

After an SBOM is successfully processed, where you view the upload status depends on the applications you are using.

If you are using SBOM Response, the BOM Entity record is displayed on the SBOM Ingestion Status list in the BOM Queue module in the SBOM Workspace.
If you are using SBOM Core, navigate to SBOM Core > BOM Ingestion Status.