parlay
« Back to VersTracker
Description:
Enrich SBOMs with data from third party services
Type: Formula  |  Latest Version: 0.9.0@0  |  Tracked Since: Dec 18, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: sbom security compliance vulnerability devops
Install: brew install parlay
About:
Parlay is a command-line tool designed to enrich Software Bill of Materials (SBOMs) by integrating vulnerability and license data from third-party services like Snyk. It automates the process of augmenting dependency manifests with external intelligence, enhancing security and compliance posture. This streamlines the workflow for developers and security teams managing open-source risk.
Key Features:
  • Enriches SBOMs with vulnerability and license data
  • Integrates with third-party APIs (e.g., Snyk)
  • Supports standard SBOM formats like CycloneDX and SPDX
  • CLI-driven for automation in CI/CD pipelines
Use Cases:
  • Augmenting CI/CD pipelines with automated SBOM enrichment
  • Conducting compliance audits by adding license metadata to SBOMs
  • Enhancing vulnerability reports with external threat intelligence
Alternatives:
  • syft – Syft generates SBOMs from container images and filesystems, while Parlay focuses on enriching existing SBOMs with external data.
  • trivy – Trivy is primarily a vulnerability scanner for containers and codebases, whereas Parlay specializes in SBOM augmentation from third-party services.
Version History
Detected Version Rev Change Commit
Dec 18, 2025 2:18pm 0.9.0 0 VERSION_BUMP 41c5d43d
Oct 10, 2025 4:32pm 0 VERSION_BUMP 06a3ae27
Jan 10, 2025 12:46pm 0 VERSION_BUMP cc9fd0e1
Jan 10, 2025 11:03am 0 VERSION_BUMP 7bc7f527
Dec 14, 2024 3:00pm 0 VERSION_BUMP e8950731