You Should Secure Your Containers Now: Here’s Why
“If a vulnerability cannot be found, it cannot be patched.”
A bill of materials (BOM) is a consolidated source of information that contains a list of objects required in the production process. It is a detailed list of raw materials and components.
A small percentage of businesses have access to the open-source software they use. When developing a product, a software Bill of Materials (BOM) is required to limit the potential for mistakes. With a BOM, you can quickly address security, licensing, and operational problems associated with open-source software.
Get started with the Bill of Materials in Carbonetes
You can view the bill of materials (BOM) under the single analyzer on the left sidebar. On the BOM page, you’ll discover a drop-down menu of registries and buttons.
If the image is in the registry, but not shown in the table, you can sync it by clicking the reload button next to the Registry menu. Clicking on the “next” button will perform analysis for the whole registry, but it might take some time depending on how many images there are in the registry. If you don’t want to analyze the entire registry, you can click the checkbox on the first column of the specific image. When you click the button, it will only analyze the selected image. After the analysis, you can navigate to the summary column and click on the packages found.
A new table will pop up with the list of packages. There will be a filter if there are two or more package types. You’ll be able to review the package name, version, type, and the number of paths a single package contains. The list is downloadable in .csv and .xlsx formats.
As an additional feature, you will find a filter icon beside the search field. Upon clicking the filter icon, it will display the list of image tags in the table, package types, and lastly, you can filter analyzed and not analyzed images.
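Once the package list is downloaded as .csv, it can be checked offline. The script below is an added example, not Carbonetes code: it compares two exports (for instance, two tags of the same image) and flags packages that are present in more than one version. The column headers and the sample rows are assumptions constructed for illustration; match them to the header row of your actual export.

```python
import csv
import io
from collections import defaultdict

# Assumed column headers; adjust to match the header row of your actual export.
NAME, VERSION, TYPE = "Package Name", "Version", "Type"

def load_bom(csv_text):
    """Parse a BOM export into {(type, name): set of versions}."""
    bom = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        key = (row[TYPE].strip().lower(), row[NAME].strip().lower())
        bom[key].add(row[VERSION].strip())
    return dict(bom)

def multi_version(bom):
    """Packages present in more than one version: patching one copy leaves the other."""
    return {k: sorted(v) for k, v in bom.items() if len(v) > 1}

def diff_boms(old, new):
    """Compare two exports and return (added, removed, changed) packages."""
    added = sorted(k for k in new if k not in old)
    removed = sorted(k for k in old if k not in new)
    changed = {k: (sorted(old[k]), sorted(new[k]))
               for k in old.keys() & new.keys() if old[k] != new[k]}
    return added, removed, changed

# Constructed sample exports (not real analysis output).
OLD_CSV = """Package Name,Version,Type,Paths
openssl,1.1.1k,deb,3
lodash,4.17.20,npm,1
lodash,4.17.21,npm,2
requests,2.25.1,python,1
"""
NEW_CSV = """Package Name,Version,Type,Paths
openssl,1.1.1n,deb,3
lodash,4.17.21,npm,2
urllib3,1.26.5,python,1
"""

if __name__ == "__main__":
    old, new = load_bom(OLD_CSV), load_bom(NEW_CSV)
    print("multiple versions in old:", multi_version(old))
    added, removed, changed = diff_boms(old, new)
    print("added:", added)
    print("removed:", removed)
    print("changed:", changed)
```

A package that appears in the "multiple versions" output needs every copy updated before a fix for it can be considered applied to the image.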
That’s how we use the bill of materials in Carbonetes. Easy and simple.
Sign up now to secure your containers.