icsbom is a tool developed by Integrated Computer Solutions (ICS) for converting Software Bill of Materials (SBoM) into a Vex File.
Project description
ICSbom 
This application downloads data from the nvd api and creates a local Vulnerability Database.
If the database already exists it will be updated with changes since your last update.
It then uses that data to check the provided sbom file and give you a Vulnerability report. This tool is used by SBOMGuard ICS' open source, web-based cloud service.
Usage
icsbom [OPTIONS] INPUTFILE
Options
-h Help
- Shows the Application Help
--log set the log level of the application
- Valid levels:
NOTSET,DEBUG,INFO,WARNING,ERROR,CRITICAL - Default value:
WARNING
--cache_dir the path where the application will write
- Any path you can Read and Write to is valid
- Default:
$HOME/.cache/icsbom
--api_key API_KEY
- Use the API_KEY to access the NVD Api
- A Key is NOT required, providing one allows more api queries per second
- If the file
$CACHE_DIR/api_key.txtexists its contents will be used as the api key
--save_keySave the api key used by the api_key option
- Writes the used api key to
api_key.txtin the Cache Directory
--db_file filename for the database
- The filename used will be written into the cache directory
- Default:
nvd_v#.dbWhere # is the revision of the database format.
-o Output file to write
- File format depending on extention of the output file
- Valid extentions are *.txt, *.csv, *.html, *.json.vex
-i, --interactive Enter interactive mode after matching
-s, --skip-db-update
- This option will skip the database update and go right to scanning the file using the existing database.
--filter_file FILTER_FILE
- Override the builtin filters with the contents of
FILTER_FILE FILTER_FILEmust be a json file
--write_filters FILTER_OUT
- Write the default filters to a file
FILTER_OUTshould end in .json- Useful to adjust the filters for your projects needs.
-t TAR_DIR_PATTERN
- Used when the input file is a tarball crated by a yocto build process
- process the contents of the subdir matching the TAR_DIR_PATTERN
- Valid Patterns: recipies, packages
- Default: packages
INPUTFILE The input file
- File can be a sbom or tarball
Requirements
requires ics_sbom_libs
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file icsbom-1.1.0.tar.gz.
File metadata
- Download URL: icsbom-1.1.0.tar.gz
- Upload date:
- Size: 37.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.9.20
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 81df3efffcf70df41c0debb1719e579fb9c4e4cbcfd33194e400ff8a29bce369 |
|
| MD5 | d9120ac4c05ab79b7623559c12c1c608 |
|
| BLAKE2b-256 | e48673abbd2bf84c4a004328c876228a43bbdae2fecec4885d1a4333a5dc4814 |
File details
Details for the file icsbom-1.1.0-py3-none-any.whl.
File metadata
- Download URL: icsbom-1.1.0-py3-none-any.whl
- Upload date:
- Size: 39.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.9.20
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | eb1030dd910dffdef9dc7210cc8a70638f112c94b520953f845f98f49244be4f |
|
| MD5 | d649c32a1e2243228d693284b822fe3c |
|
| BLAKE2b-256 | 73cc0f2e5636fda11a93bc9b5cf4003bce049429b435a799b6c1faf521551dde |
