sbom-tool
Description:
Scalable and enterprise ready tool to create SBOMs for any variety of artifacts
Type: Formula  |  Latest Version: 4.1.5@0  |  Tracked Since: Dec 15, 2025
Links: Homepage  |  @MSFTSecurity  |  formulae.brew.sh
Category: Security
Tags: sbom security compliance spdx cryptography devops
Install: brew install sbom-tool
About:
The Microsoft SBOM tool generates Software Bill of Materials (SBOMs) in SPDX or CycloneDX formats for various artifacts. It provides enterprise-grade features like high performance, policy enforcement, and cross-platform support. This tool helps organizations meet regulatory compliance and enhance software supply chain security.
Key Features:
  • Generates SBOMs in SPDX and CycloneDX formats
  • High-performance scanning with multi-threading
  • Supports multiple ecosystems (npm, Maven, NuGet, PyPI, etc.)
  • Policy enforcement for compliance checks
  • Cross-platform support (Windows, Linux, macOS)
Use Cases:
  • Generating compliance artifacts for regulatory requirements
  • Securing software supply chains by identifying dependencies
  • Integrating SBOM generation into CI/CD pipelines
Alternatives:
  • syft – Syft is a popular open-source alternative focused on container image scanning
  • tern – Tern focuses on container layer analysis and Docker image inspection
Version History
Detected  |  Version  |  Rev  |  Change  |  Commit
Dec 15, 2025 11:55pm  |    |  0  |  VERSION_BUMP  |  75188aab
Nov 5, 2025 5:21am  |    |  0  |  VERSION_BUMP  |  2ad234c2
Sep 16, 2025 1:12am  |    |  0  |  VERSION_BUMP  |  f5b439f5
Nov 16, 2024 12:07pm  |    |  1  |  VERSION_BUMP  |  35421a52
Nov 15, 2024 10:46pm  |    |  1  |  VERSION_BUMP  |  b56f5ca8
Sep 26, 2024 9:29pm  |    |  0  |  VERSION_BUMP  |  0dd1eb7b
Sep 18, 2024 9:54pm  |    |  0  |  VERSION_BUMP  |  d148a3ad
Sep 13, 2024 3:08pm  |    |  0  |  VERSION_BUMP  |  d2facbdf