icsbom is a tool developed by Integrated Computing Solutions (ICS) for converting Software Bill of Materials (SBoM) into a Vex File.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for crizzitello from gravatar.com crizzitello

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Project description

icsbom PyPI version REUSE status

This application downloads data from the nvd api and creates a local Vunerability Database. If the database already exists it will be updated with changes since your last update. It then uses that data to check the provided sbom file and give you a Vunerability report

Usage

icsbom [OPTIONS] INPUTFILE

Options

-h Help

  • Shows the Application Help

--log set the log level of the application

  • Valid levels: NOTSET, DEBUG, INFO, WARNING, ERROR, CRITICAL
  • Default value: WARNING

--cache_dir the path where the application will write

  • Any path you can Read and Write to is valid
  • Default: $HOME/.cache/icsbom

--api_key API_KEY

  • Use the API_KEY to access the NVD Api
  • A Key is NOT required, providing one allows more api queries per second
  • If the file $CACHE_DIR/api_key.txt exists its contents will be used as the api key

--save_keySave the api key used by the api_key option

  • Writes the used api key to api_key.txt in the Cache Directory

--db_file filename for the database

  • The filename used will be written into the cache directory
  • Default: nvd_v#.db Where # is the revision of the database format.

-o Output file to write

  • File format depending on extention of the output file
  • Valid extentions are *.txt, *.csv, *.html, *.json.vex

-i, --interactive Enter interactive mode after matching

-s, --skip-db-update

  • This option will skip the database update and go right to scanning the file using the existing database.

--filter_file FILTER_FILE

  • Override the builtin filters with the contents of FILTER_FILE
  • FILTER_FILE must be a json file

--write_filters FILTER_OUT

  • Write the default filters to a file
  • FILTER_OUT should end in .json
  • Useful to adjust the filters for your projects needs.

-t TAR_DIR_PATTERN

  • Used when the input file is a tarball crated by a yocto build process
  • process the contents of the subdir matching the TAR_DIR_PATTERN
  • Valid Patterns: recipies, packages
  • Default: packages

INPUTFILE The input file

  • File can be a sbom or tarball

Requirements

requires ics_sbom_libs

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for crizzitello from gravatar.com crizzitello

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

This version

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

icsbom-1.0.1.tar.gz (37.2 kB view hashes)

Uploaded Source

Built Distribution

icsbom-1.0.1-py3-none-any.whl (39.0 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page