Generating an IRX file using a Software Bill of Materials (SBOM) report

Use the REST API to create an IRX file from a Software Bill of Materials (SBOM) report in SPDX 2.3 format.

Before you begin

Ensure the SBOM report passes SPDX 2.3 validation and includes these fields:
  • packages, including
    • checksum
    • packageComment
      The technology must be specified.
      • Parameter: TechnologyType
      • Possible values: Unknown, DotNet, Java, NodeJS, JavaScript, Python, Go, Debian, Php, CppC, Alpine, Ubuntu, SecondDebian
    • versionInfo
  • relationships (array)
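
A pre-upload check for the fields listed above, as an added example (not AppScan 360° code); it does not replace SPDX 2.3 validation. Assumptions: the report is SPDX JSON, the SPDX 2.3 JSON keys `checksums` and `comment` are accepted alongside the names as written here, and TechnologyType appears in the comment as `TechnologyType: Value` or `TechnologyType=Value`. The function name `preflight` and the sample report are constructed for illustration.

```python
import json
import re

# Allowed values, copied from the prerequisite list on this page.
ALLOWED_TECH = {"Unknown", "DotNet", "Java", "NodeJS", "JavaScript", "Python", "Go",
                "Debian", "Php", "CppC", "Alpine", "Ubuntu", "SecondDebian"}
# ASSUMPTION: the comment carries "TechnologyType: Value" or "TechnologyType=Value";
# the page names the parameter but does not show its exact syntax.
TECH_RE = re.compile(r"TechnologyType\s*[:=]\s*(\w+)")

# Constructed sample report (not real data): one complete package, one deficient.
SAMPLE = json.dumps({"spdxVersion": "SPDX-2.3", "relationships": [], "packages": [
    {"name": "good-lib", "versionInfo": "1.2.3", "comment": "TechnologyType: NodeJS",
     "checksums": [{"algorithm": "SHA256", "checksumValue": "0" * 64}]},
    {"name": "bad-lib", "comment": "TechnologyType: Rust"}]})


def preflight(sbom_text):
    """Return a list of problems; an empty list means the listed fields are present."""
    try:
        doc = json.loads(sbom_text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(doc, dict):
        return ["top level is not a JSON object"]
    problems = []
    if doc.get("spdxVersion") != "SPDX-2.3":
        problems.append(f"spdxVersion is {doc.get('spdxVersion')!r}, expected 'SPDX-2.3'")
    if not isinstance(doc.get("relationships"), list):
        problems.append("relationships is missing or not an array")
    packages = doc.get("packages")
    if not isinstance(packages, list) or not packages:
        return problems + ["packages is missing or empty"]
    for i, pkg in enumerate(packages):
        if not isinstance(pkg, dict):
            problems.append(f"package #{i}: not an object")
            continue
        name = pkg.get("name", f"#{i}")
        # Accept the SPDX 2.3 JSON key or the field name as written on this page.
        if not (pkg.get("checksums") or pkg.get("checksum")):
            problems.append(f"{name}: no checksum")
        if not pkg.get("versionInfo"):
            problems.append(f"{name}: no versionInfo")
        match = TECH_RE.search(str(pkg.get("comment") or pkg.get("packageComment") or ""))
        if not match:
            problems.append(f"{name}: no TechnologyType in package comment")
        elif match.group(1) not in ALLOWED_TECH:
            problems.append(f"{name}: TechnologyType {match.group(1)!r} is not allowed")
    return problems
```

Run `preflight()` on the report text before uploading; any returned entry names the package and the missing or invalid field.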

About this task

To create an IRX file from an SBOM report and upload it to AppScan 360°, use the REST API.
Note: For additional information, see REST API

Procedure

  1. Use the FileUpload function of the REST API to upload the SBOM report.
  2. Use the Scans_CreateScaScan function of the REST API to create the scan.